There have been attempts from time to time to penetrate cyber networks operating in Government. These attacks have been observed to be originating from the cyber space of a number of countries including China. It has been observed that the attackers are compromising computer systems located in different parts of the World and use masquerading techniques and hidden servers to hide the identity of actual system from which the attacks are being launched. Hence, it is difficult to attribute cyber attack to a particular country.
A sophisticated virus called as “Stuxnet” was reported to be spreading worldwide since July 2010. The virus targets Industrial Control Systems. The following specific steps were taken by the Government immediately after the threat was reported:
(i) Alerts and advisories about the Stuxnet threat were issued on website of the Indian Computer Emergency Response Team (CERT-In). Measures to be taken to detect infected systems, dis-infect the same and prevent further propagation were advised to all critical sector organizations in the country.
(ii) Government in association with Internet Service Providers (ISPs) and security vendors tracked the infected systems and advised the owners of the systems to dis-infect the same. Workshops were conducted by CERT-In and other government agencies jointly for critical sector organizations to create awareness and suggest steps to be taken to counter the threat.
Further, the government has taken the following measures to protect cyber networks:
• Department of Information Technology and Electronics has circulated Computer Security Guidelines and Cyber Security Policy to all the Ministries/ Departments on taking steps to prevent, detect and mitigate cyber attacks.
• All Central Government Ministries/ Departments and State/Union Territory Governments have been advised to conduct security audit of entire Information Technology Infrastructure, including websites, periodically to discover gaps with respect to security practices and take appropriate corrective actions.
• Setting up of Early Warning and Response to cyber security incidents through the Indian Computer Emergency Response Team (CERT-In) and to have collaboration at national and international level for information sharing and mitigation of cyber attacks. CERT-In regularly publishes Security Guidelines and advisories for safeguarding computer systems and these are widely circulated. CERT-In also conducts security workshops and training programs on regular basis to enhance user awareness.
• The ‘Crisis Management Plan for countering cyber attacks and cyber terrorism’ was prepared and circulated for implementation by all Ministries/ Departments of Central Government, State Government and their organizations and critical sectors.
• CERT-In is conducting mock cyber security drills to enable assessment of preparation of organizations to withstand cyber attacks.
• The Information Technology Act, 2000 as amended by the Information Technology (Amendment) Act, 2008 has been enforced on 27.10.2009. The Act provides legal framework to address the issues connected with security breaches of information technology infrastructure.
• National Informatics Centre (NIC) managing Govt. websites and providing e-mail service is implementing measures to secure the Govt. IT infrastructure from cyber attacks