The government is planning to set up separate cyber security teams for different sectors in the face of emerging cyber threats such as the recent ransomware attack
and fringe incidents of leaks of Aadhaar database. A centralised hub to monitor and take on such attacks is also on the agenda.
Minister Ravi Shankar Prasad
on Tuesday said the government was planning to set up a separate Indian Computer Emergency Response Teams (CERT-In) for the financial and power sectors to deal with specific cyber threats. “Cyber security is a vast area. We want to divide it for a more specialised approach. A separate CERT for the financial sector and a dedicated digital payment division will ensure and secure the digital payments ecosystem.”
The minister said the government had taken adequate precautions to combat the threat of ransomware. “India
was least affected as we took precautions such as installing patches and updating softwares.”
Experts, however, believe India
is not prepared to shield itself from massive cyber attacks and needs to work more in this area. “The IT Act needs to be strengthened as threats such as ransomware are not covered in it. Aadhaar details have been leaked, which is again a major security risk. So, the legal and policy frameworks need to be in place,” said Pavan Duggal, cyber law expert and advocate in the Supreme Court.
On the safety of Aadhaar data, the minister reiterated it was the most secure database in the country. Last month, details of more than a million people in Jharkhand were leaked in a data breach. Prasad said strict action would be taken against the officials responsible for the breach.
The government said a cyber coordination centre, most likely in the capital, would be set up by June this year. Nearly a dozen companies in India
and about 18 computers of the Andhra Pradesh police were affected in the global ransomware attack.
Government and private cyber security experts were pressed into service to decrypt the affected systems.
CERT-In had issued an advisory on what precautions should be taken and updating security for computers and servers. It was working closely with various nodal agencies to assess vulnerabilities in government systems.
The government has issued directives to banks to do routine technology audits. It is setting around 10 standardisation testing and quality certification centres, in Jammu and Kashmir, Uttarakhand, Chattisgarh, Bihar and Jharkhand. The government is also conducting a recruitment drive for 111 new posts created for cyber experts. It will also work with private firms to reinforce cyber security of different areas.
“Cyber security drills and auditing for assessment of security preparedness of organisations are being done,” it said. The Centre has approved an outlay of Rs 100 crore for a project to clean botnets on real time basis.