Indian Computer Emergency Response Team
- Nodal Agency: The Indian government has appointed CERT-In as its national nodal organization to manage and coordinate cybersecurity incidents and responses.
- Electronics and Information Technology Ministry (MeitY): It is governed by the Ministry of Electronics and Information Technology, which is in charge of drafting laws governing electronic communication and information technology in India.
- Establishment: Founded in 2004 to address the escalating cybersecurity threats and difficulties in the digital environment.
What is the historical background of establishing CERT-IN?
- Under Section (70B) of the Information Technology Act, 2000, the Government of India established CERT-IN in 2004.
- The Ministry of Communications and Information Technology oversees its operations.
- The National Critical Information Infrastructure Protection Center (NCIIPC), which is a part of the Prime Minister’s Office’s National Technical Research Organization (NTRO), shares duties with CERT-IN.
- The National Disaster Management Authority (NDMA), an agency of the Ministry of Home Affairs, manages disasters.
What are the functions of the CERT-IN?
- Incident Management and Response: In India, CERT-IN is the main hub for managing and responding to cybersecurity issues. It receives and examines reports of cybersecurity incidents from all sources, including the government, businesses, and individual users.
- Vulnerability Coordination: CERT-IN facilitates the responsible disclosure of software and hardware vulnerabilities. It works with vendors, researchers, and users to mitigate the impact of vulnerabilities and promote a safer digital environment.
- Cybersecurity Awareness and Training: CERT-IN conducts cybersecurity awareness programs and training sessions to educate individuals and organizations about best practices, safe online behaviour, and methods to protect against cyber threats.
- Coordination and Collaboration: CERT-IN collaborates with other national and international cybersecurity agencies and organizations to share information, best practices, and threat intelligence. This facilitates a collective effort in addressing global cyber challenges.
- Security Incident Coordination: In case of significant cybersecurity incidents affecting multiple organizations or sectors, CERT-IN coordinates with relevant stakeholders to manage and mitigate the impact effectively.
- Threat Analysis and Early Warning: The CERT-IN keeps an eye out for new attacks, vulnerabilities, and threats in cyberspace. Various stakeholders, including governmental organizations, operators of essential infrastructure, and Internet Service Providers (ISPs), are given early warnings and alarms.
Where are the areas where CERT-IN intervened in the past?
- A serious issue in the VPN functionality in Android Jelly Bean was disclosed by CERT-In in March 2014.
- Users of Google Chrome were advised by CERT-In to update right away to the most recent Chrome browser version, 84.0.4147.89, in July 2020. There have been numerous documented vulnerabilities that could give hackers access.
- A “high severity” rating advisory was released in April 2021 regarding a vulnerability found in earlier versions of WhatsApp and WhatsApp Business for Android (2.21.4.18) and iOS (2.21.32).
- The organization estimates that India saw 11.5 million cyberattack incidents in 2021, including corporate attacks, attacks on vital infrastructure, and attacks on public institutions.
- CERT- December 4, 2022, All India Institute of Medical Sciences (AIIMS), Delhi, was the target of a cyberattack.
What are the advantages that CERT-in provide for a nation?
- Handling cybersecurity events: At the national level, CERT-IN is essential in coordinating and managing cybersecurity incidents. It aids in the early detection of cyber threats and the quick response to them, reducing the impact of cyberattacks on vital systems and infrastructure.
- National Security: Having a specialized organization like CERT-IN strengthens the country’s cybersecurity posture as cyber-attacks become more complex and prevalent. It gives the government the ability to actively preserve critical data and infrastructure, preserving interests in national security.
- Coordination between the Public and Private Sectors: CERT-IN serves as a link between the government, the Public Sector and the Private Sector. It promotes best practices in cybersecurity and encourages teamwork and information sharing, enabling a more coordinated response to cyber incidents.
- Sharing of threat intelligence: CERT-IN gathers and evaluates cyber threat information, which is then disseminated to pertinent parties. Organizations can take the necessary preventive measures by staying updated about new risks and vulnerabilities thanks to this information sharing.
- Support for Incident Response: In the event of a cyber incident, CERT-IN offers technical assistance and direction to impacted entities to aid in recovery and damage mitigation. Particularly beneficial is this support for businesses that might lack adequate cybersecurity capabilities.
- Cybersecurity Awareness: CERT-IN actively promotes cybersecurity awareness among the general public and diverse industries. It holds workshops, runs training courses, and runs public awareness efforts to inform users about cybersecurity and safe online behaviour.
- Development of Policies and Standards: CERT-IN participates in the creation of national cybersecurity standards, policies, and recommendations. Its knowledge contributes to keeping the nation’s cybersecurity framework current and compliant with international best practices.