Press Information Bureau

Government of India

Ministry of Communications & Information Technology

26-April-2012 18:07 IST

Preliminary discussions have been held on establishment of a multi stakeholder Cyber Coordination Centre which will detect malicious cyber activities in the Indian Cyber space and issue early warning alerts. 

The Minister of State For Communications  and Information Technology ,Shri Sachin Pilot informed the Lok Sabha yesterday that such alerts will facilitate mitigation of cyber-attacks with coordinated efforts of all stakeholders in Government, academia and Industry.

Shri Pilot said, according to the Indian Computer Emergency Response Team (CERT-In), 133 Government websites were hacked during January to March this year.   A total of 92, 204 and 248 Government websites were hacked in 2009, 2010 and 2011 respectively.   

He further informed that according to the Norton Cyber Crime Report published in 2011, US $ 4 billion were lost due to cyber-crime in India compared to US $ 114 billion world-wide.  The Report further noted that 80% of the people surveyed experienced cyber-crime.  The data is not validated but the report is based on a survey involving over 19,000 people across 24 countries including 600 from India. 

The Minister informed that according to Reserve Bank of India, 2232 Internet fraud cases involving nearly Rs 1234.94 lakh were registered in the year 2010. CBI registered 2 cyber-crime cases involving Rs. 17 Lakhs in 2010.

Shri Pilot informed that the Government has taken the following measures to tackle cyber-crimes:

(i)  Legal Framework in the form of Information Technology Act, 2000. The Act provides legal framework to address the issues connected with cyber-crime, cyber-attacks and security breaches of information technology infrastructure.

ii) Setting up of Early Warning and Response to cyber security incidents through the Indian Computer Emergency Response Team (CERT-In) and collaboration at national and international level for information sharing and mitigation of cyber-attacks.

iii) CERT-In regularly publishes Security Guidelines and advisories for safeguarding computer systems from hacking and these are widely circulated. CERT-In also conducts security mock drills, workshops & training programs on regular basis to enhance security posture of infrastructure and awareness.

iv) The organizations operating critical information infrastructure have been advised to implement information security management practices based on International Standard ISO 27001. Ministries and Departments have been advised to carry out security audit of their information technology infrastructure regularly to ensure robustness of their systems.

v) The Government has circulated Cyber Security Policies and Guidelines for implementation in all Ministries/ Departments.

 vi) Government is facilitating skill & competence development in the area of cyber security by providing domain specific trainings on Cyber Forensics, Network & System Security Administration. Labs for training in collection and analysis of digital evidence for Law Enforcement & Judiciary have been setup.

vii) The Government has formulated Crisis Management Plan for countering cyber-attacks and cyber terrorism.  This is being   implemented by all Ministries/ Departments of Central Government, State Governments and their organizations and critical sectors.

BK/AT/PM

Cybersecurity coordination to enable early warning alerts and coordinated mitigation of malicious cyber activity across stakeholders. A proposed multi stakeholder Cyber Coordination Centre will detect malicious activity and issue early warning alerts to enable coordinated mitigation by government, academia and industry. Measures complementing this mechanism include the Information Technology Act legal framework, national incident response advisories and security guidelines, adoption of recognised information security management practices by critical infrastructure operators, regular security audits, cyber security policies for government bodies, targeted training in cyber forensics and network security, and a Crisis Management Plan for countering cyber attacks and terrorism.