Computers and Cyber Security By Dr. Roman Saini


Post on 03-Dec-2021


Basics of Computers

What is A Computer?

● A computer is an electronic device that can count, write and solve complex problems with high accuracy and speed.

● The two main types of computers are:

○ Analog computer in which numbers are represented by magnitudes of such physical quantities as voltages, mechanical movements etc.

○ Digital computer in which numbers are expressed directly as digits, usually in binary notation i.e. 0 and 1.

The more versatile and most modern computers are digital.

The Computer Generations

● There are five Generations of Computers depending on the design, size, speed, and performance:

First generation computers (1946-59):

● Use of vacuum tubes

● These were quite bulky, slow computers that had limited memory.

● They used vacuum tubes, punched cards and punched paper tape for input and output of data.

● Used low level programming languages and primitive operating systems.

● Examples are EDSAC, ENIAC, IBM-650.

Second generation computers (1959-65):

● Use of Transistors

● These used transistors, which reduced the size of computers to manageable proportions.

● They required less power and were more reliable.

● They had high speed (about 10^6 operations/sec) and large memory.

● They used languages such as COBOL, FORTRAN, etc. and performed special functions.

● Examples are: IBM-7090/7094 series, CDC 1604, etc.

Third generation computers (1965-79):

● Use of Integrated Circuits

● The invention of integrated circuits (ICs), which are miniature electronic circuits, heralded the era of third-generation computers.

● The use of ICs has made possible the development of mini and micro systems with many advantages like high processing speed, more reliability, easy maintenance, large storage capacity, sophisticated operating systems, etc.

● These were the first computers where users interacted using keyboards and monitors which interfaced with an operating system, a significant leap up from the punch cards and printouts.

● Examples - IBM-360 series, CDC 6000/7000 series, ICL 1900/ 2900 series etc.

Fourth generation computers (1979- Present):

● Use of Microprocessors

● These computers use large scale integrated circuits (LSI) and very large scale integrated circuits (VLSI) which are more compact.

● These computers are versatile, have high speed and extremely large memory.

● Examples are IBM-370, CYBER, CRAY, FLOSOLVER, PARAM supercomputers etc.

Fifth generation computers and beyond:

● Use of Artificial Intelligence

● These computers, though not commercially available as yet, are said to belong to the future and are expected to exhibit artificial intelligence (to think like human beings).

● Efforts are on to develop such computers.

Computer Hardware

● A computer has three main parts:

○ Input Devices,

○ Processor and

○ Output Devices.

● The input devices are – Mouse, Keyboard, Trackballs, Scanners, Touch Pads, Light Pens, Joysticks, Optical Character Reader and Barcode Scanner.

● The output devices are – Monitors, Printers, Plotters, Speakers, Speech Synthesizers, Optical Mark Reader.

Functional Units

Central Processing Unit:

● Central Processing Unit (CPU) is the main unit that executes instructions.

● This unit communicates with and often controls the operation of other subsystems within the computer.

● CPU keeps track of the address of the memory location to execute the program.

● CPU fetches one instruction at a time from successive memory locations and performs the functions specified.

Arithmetic Logical Unit:

● Arithmetic logical unit (ALU) performs major operations - addition, subtraction, multiplication and division.

● The actual processing of the data and instructions is performed by the Arithmetic Logical Unit.

Control unit:

● It acts like a manager of all operations determining the sequence in which computer programs and instructions are executed.

Memory unit:

● MU stores the data entered through the Input Device.

● There are two types of storage devices:

○ Fixed Data Storage devices are built-in devices provided with the computer.

○ Removable Data Storage devices are used to increase the storage capacity and make it easy for a user to move data from one computer to another.

Computer Language

● Computer language is a medium to communicate with a computer system.

● Computer Programs are instructions that are given to the computer in Computer Language.

● The computer languages are classified as:

○ Low Level Languages

○ High Level Languages

○ Database Languages

Low Level Language

● The Low level languages developed first were machine dependent.

● These are of two types:

1. Machine Languages - The only languages understood by computers. Each instruction is a binary string which indicates the operations to be performed.

2. Assembly languages - The language used to write a computer program before it is turned into machine code.

These are specific to a particular computer architecture and use descriptive names for operations and data.

e.g., “LOAD value”, “ADD data”, “STORE value”.

High Level Language

● The High-level languages are machine independent.

● These can be used on different types of computers without modifications.

● Compilers translate them to machine languages.

● Examples are FORTRAN, PASCAL, COBOL, C, C++, BASIC etc.

Database Language

● Database Languages facilitate creating databases, entering and editing data records, adding new records, deleting records, searching and displaying records, preparing reports, and sorting.

● Examples are DBASE, FOXPRO and ORACLE etc.

Computer Software

● It is the programming code that is executed on a computer processor.

● This code can be machine-level code or code written for an operating system.

● In other words, the digital programs running on the hardware are the software.

● They can be updated or replaced much more easily than hardware.

● Computer Software is classified as

1. Application Software

2. System Software

Application Software

● The Application Software is a type of program that is used once the operating system has been loaded. Examples are:

○ Word-Processing programs (Microsoft Word, Lotus Word Pro, WordPerfect),

○ Spreadsheets And Databases (Microsoft Excel, Lotus 123),

○ Database (Microsoft Access, Lotus Approach),

○ Payroll (Sage software),

○ Presentation tools (Microsoft PowerPoint, Lotus Freelance),

○ Desktop publishing (Adobe Photoshop) and Multimedia applications.

System Software

● The System Software known as OS (Operating System) is a special type of program that loads automatically on starting the computer.

● The OS allows the use of the advanced features of a modern computer without having to learn all the details of how the hardware works.

● E.g. Microsoft Windows 10, macOS, etc.

Cyber Security

Cyber Space

● Cyber space is the virtual world of computers that provides a global computer network to facilitate online communication.

● It is a global domain within the information environment consisting of the interdependent network of information technology infrastructures, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers.

● Cyber security refers to the technologies, processes and practices to protect computer systems from attack, damage or unauthorized access.

Threats to Cyberspace

● Cyberspace and its underlying infrastructure are vulnerable to attacks from sophisticated cyber criminals as well as nations which steal information and money and disrupt, destroy, or threaten the delivery of essential services.

● Traditional crimes like distribution of child pornography, financial theft, extortion of money etc. are now perpetrated through cyberspace.

Challenges

● The challenges to secure cyberspace include:

○ The ability of cyber criminals to operate from anywhere in the world

○ The linkages between cyberspace and physical systems

○ The difficulty of reducing vulnerabilities and consequences in complex cyber networks.

Some Important Terms

Access:

● The ability and means to communicate with or otherwise interact with a system, to use system resources to handle information, to gain knowledge of the information the system contains, or to control system components and functions.

Access control:

● The process of granting or denying specific requests for or attempts to:

○ obtain and use information and related information processing services;

○ enter specific physical facilities.

Anti Spyware software:

● A program that is designed to detect and remove unwanted spyware programs.

Antivirus software:

● A program that monitors a computer or network to detect or identify major types of malicious code and to prevent or contain malware incidents.

Cyber infrastructure:

● Electronic information and communications systems and services and the information contained therein.

Critical infrastructure:

● The systems and assets, whether physical or virtual, so vital to society that the incapacity or destruction of such infrastructure may have a debilitating impact on the security, economy, public health or safety, environment, or any combination of these matters.

Cyber ecosystem:

● The interconnected information infrastructure of interactions among persons, processes, data, and information and communications technologies, along with the environment and conditions that influence those interactions.

Cyber exercise:

● A planned event during which an organization simulates a cyber disruption to develop or test capabilities such as preventing, detecting, mitigating, responding to or recovering from the disruption.

Cyber warfare:

● Actions by a nation-state to penetrate another nation’s computers or networks for the purposes of causing damage or disruption.

Cyber exploitation or cyber espionage:

● Penetration of adversary computers and networks to obtain information for intelligence purposes; this is espionage, not a destructive activity.

Cyber attacks:

● Deliberate actions to alter, disrupt, deceive, degrade, or destroy computer systems or networks or the information and/or programs resident in or transiting these systems or networks.

Data breach:

● The unauthorized movement or disclosure of sensitive information to a party, usually outside the organization, that is not authorized to have or see the information.

Data integrity:

● The property that data is complete, intact, and trusted and has not been modified or destroyed in an unauthorized or accidental manner.

Data loss:

● The result of unintentionally or accidentally deleting data, forgetting where it is stored, or exposure to an unauthorized party.

Digital forensics:

● The processes and specialized techniques for gathering, retaining and analyzing system-related data (digital evidence) for investigative purposes.

Digital signature:

● A value computed with a cryptographic process using a private key and then appended to a data object, thereby digitally signing the data.

Firewall:

● A capability to limit network traffic between networks and/or information systems.

Hacker:

● An unauthorized user who attempts to or gains access to an information system.

Macro virus:

● A type of malicious code that attaches itself to documents and uses the macro programming capabilities of the document’s application to execute, replicate, and spread or propagate itself.

Malicious applet:

● A small application program that is automatically downloaded and executed and that performs an unauthorized function on an information system.

Malicious code:

● Program code intended to perform an unauthorized function or process that will have an adverse impact on the confidentiality, integrity, or availability of an information system.

Malicious logic:

● Hardware, firmware, or software that is intentionally included or inserted in a system to perform an unauthorized function or process that will have an adverse impact on the confidentiality, integrity, or availability of an information system.

Phishing

● It includes email messages, websites, and phone calls made by cyber criminals to steal money.

● Cybercriminals also use social engineering to dupe a victim of his/her money.

● They pose as trusted entities and send e-mail or message or make a phone call to individuals and convince them to hand over confidential details or passwords or information under false claims.

Malware

● Malware is short for malicious software.

● It is software that can be used to compromise computer functions, steal data, bypass access controls, or otherwise cause harm to the host computer.

● The most common types of malware are adware, bots, bugs, rootkits, spyware, Trojan horses, viruses, and worms.

Computers infected with malware may show the following symptoms:

● Increased CPU usage, slow computer or web browser speeds

● Problems connecting to networks

● Freezing or crashing of system, modified or deleted files

● The appearance of strange files, programs, or desktop icons

● Programs running, turning off, or reconfiguring themselves

● Emails/messages being sent automatically and without the user’s knowledge

1. Adware

● Adware (advertising-supported software) is a type of malware that automatically delivers advertisements.

● Common examples of adware include pop-up ads on websites and advertisements that are displayed by the software.

● Often software and applications offer “free” versions that come bundled with adware.

● Most adware is sponsored or authored by advertisers and serves as a revenue generating tool.

2. Bots

● Bots are software programs created to automatically perform specific operations.

● Bots can be used in botnets (collections of computers to be controlled by third parties) for DDoS attacks, as spam bots that render advertisements on websites, as web spiders that scrape server data, and for distributing malware disguised as popular search items on download sites.

● Websites can guard against bots with CAPTCHA tests that verify users as human.

● The botnet attack is emerging as a serious cyber attack which leads to denial of service.

DDoS attacks:

● A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable by bombarding it with traffic from multiple sources.

● DDoS attacks target a wide variety of important resources, from banks to news websites, and present a major challenge to people who wish to publish and access important information.

3. Bug

● It is a flaw that produces an undesired outcome.

● These flaws are usually the result of human error and typically exist in the source code or compilers of a program.

● Significant bugs can cause crashing or freezing.

● Security bugs are the most severe type of bugs and can allow attackers to bypass user authentication, override access privileges, or steal data.

4. Ransomware

● Ransomware is a form of malware that essentially holds a computer system captive while demanding a ransom.

● The malware restricts user access to the computer either by encrypting files on the hard drive or locking down the system and displaying messages that are intended to force the user to pay the malware creator to remove the restrictions and regain access to their computer.

● WannaCry, which attacked computer users worldwide in May 2017, was ransomware.

5. Rootkit

● A Rootkit is a type of malicious software designed to remotely access or control a computer without being detected by users or security programs.

● Once a rootkit has been installed it is possible for the malicious party behind the rootkit to remotely execute files, access/steal information, modify system configurations, alter software (especially any security software that could detect the rootkit), install concealed malware, or control the computer as part of a botnet.

● Rootkit prevention, detection, and removal can be difficult due to their stealthy operation.

6. Spyware

● Spyware is a type of malware that functions by spying on user activity without their knowledge.

● These spying capabilities can include activity monitoring, collecting keystrokes, data harvesting (account information, logins, financial data), and more.

● Spyware often has additional capabilities as well, ranging from modifying security settings of software or browsers to interfering with network connections.

7. Trojan

● A Trojan horse, commonly known as a “Trojan,” is a type of malware that disguises itself as a normal file or program to trick users into downloading and installing malware.

● A Trojan can give a malicious party remote access to an infected computer.

● Once an attacker has access to an infected computer, it is possible for the attacker to steal data, install more malware, modify files, monitor user activity (screen watching, keylogging, etc.), use the computer in botnets, and anonymize internet activity by the attacker.

8. Virus

● A Virus is a form of malware that is capable of copying itself and spreading to other computers.

● Viruses often spread to other computers by attaching themselves to various programs and executing code when a user launches one of those infected programs.

● Viruses can also spread through script files, documents, and cross-site scripting vulnerabilities in web apps.

9. Worm

● Worms spread over computer networks by exploiting operating system vulnerabilities.

● Worms typically cause harm to their host networks by consuming bandwidth and overloading web servers.

Different Cyber Players

Cyber Criminals:

● They seek commercial gains from hacking financial organizations as well as from phishing scams and computer ransomware.

Cyber Terrorist:

● They aim to penetrate and attack critical assets and national infrastructure to affect the political power and branding.

Cyber Espionage:

● Using malware to penetrate both corporate and military data servers in order to obtain plans and intelligence.

Cyber Hacktivists:

● They are anonymous actors with political agendas who hack sites and servers to virally communicate the message for specific campaigns.

Hardware Security Concerns

● Most equipment and technology for setting up Cyber Security infrastructure in India are currently procured from global sources.

● These systems are vulnerable to cyber threats just like any other connected system.

● There are various types of hardware attacks, which include the following:

1. Manufacturing backdoors may be created for malware or other penetrative purposes.

2. Backdoors may be embedded in radio frequency identification (RFID) chips and memories.

3. Unauthorized access to protected memory

4. The inclusion of faults for causing the interruption in the normal behavior of the equipment.

5. Hardware tampering by performing various invasive operations

6. Through the insertion of hidden methods, the normal authentication mechanism of the systems may be bypassed.

Budapest Convention

● The Convention on Cybercrime or Budapest Convention is the only binding multilateral treaty instrument aimed at combating cybercrime.

● It was drafted by the Council of Europe with active participation from its observer states in 2001.

● The Convention provides a framework for international cooperation between state parties to the treaty.

● It is open for ratification even to states that are not members of the Council of Europe.

● India has not signed the convention as the convention was drafted without its participation.

● India also believes that the Budapest Convention in its present form is insufficient in tackling cyber crimes.

● The convention has been criticized for being inadequate to ensure a cyberspace free of criminal activity.

● Another drawback is that some of its provisions breach a nation’s sovereignty.

● The example is Article 32 which allows local police to access servers located in another country’s jurisdiction, even without seeking sanction from authorities of the country.

Offences under Convention

● The substantive offenses under the Convention can broadly be classified into

○ Offenses against the confidentiality, integrity, and availability of computer data and systems

○ Computer-related offenses

○ Content-related offenses

○ Criminal copyright infringement.

Global Risk Report, 2019

● It was released by the World Economic Forum in January, 2018.

● It describes changes occurring in the global risks landscape from year to year and identifies global catastrophic risks.

● It highlights India’s history of malicious cyber-attacks and lax cybersecurity protocols which led to massive breaches of personal information in 2018.

● It also specifically mentions the government ID database, Aadhaar, which has reportedly suffered multiple breaches that potentially compromised the records of all 1.1 billion registered citizens.

Cyber Attacks in India since 2016

Cyber Attacks In India in 2016

Heist:

● Through a phishing email sent to an employee, hackers accessed the credentials to execute a fund transfer, swindling Union Bank of India of $171 million.

● Prompt action helped the bank recover almost the entire amount.

Cyber Attacks In India in 2017

WannaCry:

● WannaCry, a crypto-ransomware that is also called WannaCrypt, affected at least 200,000 computers in 150 countries, including India, in May 2017.

● WannaCrypt encrypted data on a computer within seconds and displayed a message asking the user to pay a ransom of $300 in Bitcoins to restore access to the device and the data inside.

● The global ransomware attack took its toll in India with several thousand computers getting locked down by ransom-seeking hackers.

● The attack also impacted systems belonging to the Andhra Pradesh police and state utilities of West Bengal.

Petya/NotPetya:

● It is ransomware that infected networks in multiple countries and attacked giants like the US pharmaceutical company Merck, Danish shipping company Maersk, and Russian oil giant Rosneft in 2017, a month after the WannaCry attacks.

● Ukraine was reported to be the worst affected country in the attack.

● In India, operations at Gateway Terminals India (GTI) at Jawaharlal Nehru Port Trust (JNPT) in Mumbai were stopped due to the attack.

● The terminal is handled by A.P. Moller-Maersk, the Danish business conglomerate.

Data Theft:

● The food tech company Zomato discovered that data, including names, email IDs and hashed passwords of 17 million users, was stolen by an ‘ethical’ hacker.

● The hacker demanded that the company acknowledge its security vulnerabilities and put the data up for sale on the Dark Web.

Cyber Attacks In India in 2018

SIM Swap Fraud:

● In August 2018, two men from Navi Mumbai were found involved in fraudulent activities concerning money transfers from the bank accounts of numerous individuals by getting their SIM card information through illegal means.

● They were accused of transferring 4 crore Indian Rupees effectively from various accounts.

● They even dared to hack the accounts of a couple of companies.

Cyber Attack on Cosmos Bank:

● It was carried out in August 2018 on Cosmos Bank’s Pune branch, which saw nearly 94 crore rupees being siphoned off.

● Hackers wiped out money and transferred it to a bank situated in Hong Kong by hacking the server of Cosmos Bank.

● Hackers hacked into the ATM server of the bank and stole details of many Visa and RuPay debit card owners.

ATM System Hacked:

● In July 2018, fraudsters hacked into Canara Bank ATM servers and wiped off almost 20 lakh rupees from different bank accounts.

● It was believed that they were holding the account details of more than 300 ATM users across India.

● The hackers used skimming devices on ATMs to steal the information of debit card holders and made a minimum transaction of INR 10,000 and the maximum of INR 40,000 per account.

Websites Hacked:

● As per the information presented by the Indian Computer Emergency Response Team, over 493 websites were affected by malware propagation including 114 websites run by the government.

● The attacks were intended to gather information about the services and details of the users in their network.

● UPSC website was hacked in Sep 2018; the UPSC official website homepage displayed an image of a heart and the cartoon character along with the caption: “Doraemon!!!! Pick up the call”.

● It was hacked as an experiment by a 17-year-old boy who is pursuing a course in cyber hacking.

Cyber Security in India

National Cyber Security Policy 2013

● It is a policy framework by Ministry of Electronics and Information Technology (MeitY).

● It aims to protect the public and private infrastructure from cyber attacks in India.

● It also enables the individual sectors and organizations in designing appropriate cyber security policies to suit their needs.

● To create a cyber security framework, which leads to specific actions and programmes to enhance the security posture of country’s cyberspace.

Vision of the policy:

● “To build a secure and resilient cyberspace for citizens, business and government and also to protect anyone from intervening into your privacy.”

Mission of the Policy:

● To protect information and information infrastructure in cyberspace,

● To build capabilities to prevent and respond to the cyber threat,

● To reduce vulnerabilities and minimize damage from cyber incidents through a combination of institutional structures, people, processes, technology, and cooperation.

Objectives:

● To create a secure cyber ecosystem in the country, generate adequate trust and confidence in the IT system and transactions in cyberspace and thereby enhance adoption of IT in all sectors of the economy.

● To create an assurance framework for the design of security policies and promotion and enabling actions for compliance with global security standards and best practices by way of conformity assessment.

● To strengthen the Regulatory Framework for ensuring a secure cyberspace ecosystem.

● To improve the visibility of integrity of ICT products and services by establishing infrastructure for testing & validation of security of such products.

● To enhance and create National and Sectoral level 24X7 mechanism for obtaining strategic information regarding threats to ICT infrastructure, creating scenarios for response, resolution and crisis management through effective predictive, preventive, protective response and recovery actions.

● To create a workforce of 500,000 skilled professionals in the next 5 years through capacity building, skill development and training.

● To provide financial benefit to businesses for the adoption of standard security practices and processes.

● To enable Protection of information while in the process, handling, storage & transit so as to safeguard the privacy of citizen's data and reducing economic losses due to cybercrime or data theft.

● To enable effective prevention, investigation, and prosecution of cybercrime and enhancement of law enforcement capabilities through appropriate legislative intervention.

● To create a culture of cybersecurity and privacy enabling responsible user behaviour & actions through effective communication and promotion strategy.

● To develop effective public-private partnerships and collaborative engagements through technical and operational cooperation and contribution for enhancing the security of cyberspace.

● To enhance global cooperation by promoting shared understanding and leveraging relationships for furthering the cause of security of cyberspace.

CERT-In

● CERT-In stands for 'Indian Computer Emergency Response Team'.

● CERT-In is the National Incident Response Centre for major computer security incidents in India.

● CERT-In runs under the aegis of MeitY.

Functions:

● Its primary role is to raise security awareness among the Indian cyber community.

● It provides technical advice to system administrators and users to respond to computer security incidents.

● It provides channels of communication, via telephone, fax and email, through which system administrators and users can report computer security incidents or issues.

● It also identifies trends in intruder activity, works with other similar institutions & organizations to resolve major security issues, and disseminates information to the Indian cyber community.

● It also enlightens its constituents about the best practices for various systems & networks by publishing advisories, guidelines and other technical documents.

● CERT-In has prepared best practices & system specific security guidelines to help the Indian cyber community to enhance the security of their systems and networks.

Cyber Swachhta Kendra

● Ministry of Electronics and Information Technology (MeitY) launched Cyber Swachhta Kendra - Botnet Cleaning and Malware Analysis Centre in February 2017.

● This is a part of MeitY’s Digital India initiative aimed at creating a secure cyberspace by detecting botnet infections in India and to notify, enable cleaning and securing systems of end-users to prevent further infections.

● The center is operated by the Indian Computer Emergency Response Team (CERT-In).

● It aims to enhance coordination between the Government and industry in order to encourage cyber hygiene among all end-users and to create a secure and safe internet ecosystem in India.

Objective:

● With the growth in digitalization and the proliferation of broadband and mobile internet, security of end users’ systems is vital for enhancing their trust in ICT and online transactions.

● User information from the computer and the mobile devices can be compromised if systems get affected with Bots.

● Users, therefore, need to practice a rigid cyber hygiene regimen to prevent malware infections on their systems and to ensure the security of their systems through suitable anti-malware tools.

● The Cyber Swachhta Kendra provides free tools for detection and removal of malicious programmes.

Tools for the end user:

● The end-user can log on to the Cyber Swachhta Kendra Portal (www.cyberswachhtakendra.gov.in) and clean their systems using the free cleaning tools.

● Users can also educate themselves about the various cyber threats and get information on the security tips in order to secure their computers, mobiles and prevent infections in their systems.

Tools released for citizens include:

1. USB Pratirodh -

● A desktop security solution, which protects from the USB mass storage device threat.

2. App Samvid -

● A desktop solution which protects systems by allowing installation of genuine applications through whitelisting.

● This helps in preventing threats from malicious applications.

3. M-Kavach (for Mobile devices)

● This tool is a comprehensive mobile device security solution for Android devices addressing threats related to mobile phones.

● It addresses threats related to malware that steal personal data & credentials, misuse Wi-Fi and Bluetooth resources, lost or stolen mobile device, spam SMS, premium-rate SMS, and unwanted/unsolicited incoming calls.

4. Browser JSGuard

● This tool is a browser extension which detects and defends against malicious HTML & JavaScript attacks made through the web browser.

Cyber Surakshit Bharat Initiative

● Ministry of Electronics and Information Technology (MeitY), announced the Cyber Surakshit Bharat initiative in association with National e-Governance Division (NeGD) in January 2018.

● It is a mission to spread awareness about cybercrime and building capacity for safety measures for Chief Information Security Officers (CISOs) and frontline IT staff across all government departments.

● It is operated on the three principles of Awareness, Education and Enablement.

● It includes an awareness program on the importance of cybersecurity; a series of workshops on best practices and enablement of the officials with cybersecurity health tool kits to manage and mitigate cyber threats.

● It is the first public-private partnership of its kind and will leverage the expertise of the IT industry in cybersecurity.

National Cyber Coordination Center

● The first phase of the center became operational in August 2017.

● NCCC is a multi-stakeholder cyber-security and e-surveillance agency.

● It comes under the Indian Computer Emergency Response Team (CERT-In), Union Ministry of Electronics and Information Technology.

● It derives its powers from the provisions of section 69B of the Information Technology Act, 2000.

● It will be India's first layer for cyber threat monitoring.

● All communication with the government as well as the private service providers will be monitored round the clock.

● Its mandate is to scan internet traffic and communication metadata (which are little snippets of information hidden inside each communication) coming into the country to detect real-time cyber threats.

● The system will then alert various organizations as well as internet service providers (ISPs) for timely action against the threats.

● NCCC also will coordinate across multiple intelligence agencies.

● It will virtually be in touch with the control room of all ISPs, flowing at the point of entry and exit, including international gateways.

● Apart from monitoring the Internet, the NCCC will also look into various threats posed by cyber attacks.

GoI Initiatives to Prevent incidents of Cybercrime

● The Information Technology Act, 2000 together with Indian Penal Code have adequate provisions to deal with prevailing Cyber Crimes.

● It provides punishment in the form of imprisonment ranging from two years to life imprisonment and fine / penalty depending on the type of Cyber Crime.

● However, Government has taken a number of legal, technical and administrative measures to prevent incidents of cyber crimes.

These include

1. Cyber Police Stations and Cyber Crime Cells have been set up in each State for reporting and investigation of Cyber Crime cases.

2. MeitY has set up Cyber Forensics Training Labs in north-eastern States and cities such as Mumbai, Pune, Kolkata and Bangalore to train State police officials and judiciary in cybercrime detection and collection, preservation and seizing of electronic evidence and dealing with cybercrime.

3. Various steps have been taken by the Ministry of Home Affairs, MeitY and State Governments to modernize the setup and equip police personnel with knowledge and skills for prevention and control of cybercrime through various national and State Police academies/judicial academies and other institutes.

4. Ministry of Electronics & Information Technology has issued an advisory on the functioning of matrimonial websites under the Information Technology Act, 2000 and Rules made thereunder, directing the matrimonial websites to adopt safeguards to ensure that people using these websites are not deceived through the means of fake profiles or misuse/wrong information posted on the website.

5. The Government has circulated Computer Security Policy and Guidelines to all the Ministries/Departments on taking steps to prevent, detect and mitigate cyber attacks.

6. A portal namely www.cybercrime.gov.in has been developed by the Ministry of Home Affairs to allow the public to report cyber crime complaints.

Defence Cyber Agency

● It is a tri-service command of the Indian Armed Forces headquartered in New Delhi.

● It is tasked with handling cyber security threats.

● It was recommended by the Naresh Chandra Task Force, which was set up in July 2011 to review the recommendations of the Kargil Review Committee, assess the implementation progress and further suggest new reforms related to national security.

● It was one among the tri-service commands recommended by the committee and was approved by the Prime Minister in September, 2018.

Thank You!