Search This Blog

Showing posts with label Indian Government. Show all posts

Indian Govt Bans Foreign Firms from Conducting IT Security Audits


The Indian Government directs the ministries and departments responsible of India's basic infrastructure to abstain from employing foreign firms to conduct IT security audits of its frameworks and systems; this was brought to light following the cyber-attack on Kudankulam Nuclear Power Plant.

From now onwards Indian firms empanelled for inspecting will require a clearance from domestic spy agency, Intelligence Bureau (IB) to preclude any foreign link. Security reviews in every one of the ministries and critical sectors are done to guarantee that nation's information infrastructure isn't vulnerable against attacks by hackers and that every one of the systems have a protected government firewall.

As per the reports looked into by Firstpost, Computer Emergency Response Team (CERT-IN) — under the domain of the Ministry of Electronics and Information Technology — has arranged a rundown of evaluating firms in consultation with the IB.

It has been additionally observed that certain critical segments are confronting dangers from numerous sources and increasing attacks on the frameworks are organised and targeted with the assistance of criminals and state actors to thusly receive monstrous rewards out of 'information compromise or espionage'.

The cyber criminals may indulge in fraud, conduct espionage to steal state and military mysteries and disturb critical infrastructures by misusing the vulnerabilities in any framework.

The administration archives state that, “The public sector, although increasingly relying on information technology, has not fully awakened to the challenges of security. Economic stability depends on uninterrupted operations of banking, finance, critical infrastructure such as power generation and distribution, transport systems of rail, road, air, and sea which are critically reliant on information technology.

Even though the focus has been on improving systems and providing e-governance services by various institutions, the IT networks and business processes have not placed the desired emphasis on information security," Aside from this there are a couple of different directives which have been issued for critical areas for protective observing of sensitive data and risk radiating from terrorist groups or enemy state.

Workers taking care of sensitive servers will be required to unveil the phone they are carrying, its serial number, model number alongside subtleties like security abilities and vulnerabilities and the critical segments will claim all authority to control official information on the said employee's mobile, including the privilege to back up, retrieve, modify, decide access or erase the organization's information without an early notice.

Likewise, people or specialists employed for security reviews of government frameworks will have to sign a non-disclosure agreement to anticipate spillage of sensitive information.

Indian Govt. Takes Steps For Preventing Incidents of Cyber Crimes; Improving Cyber Safety in the Country



With the ascent of phishing attacks being at its prime, Mr Ravi Shankar Prasad stresses at the government's contribution in finding a way to avoid more and more episodes of cyber security and improving the cyber safety in the nation.

The current Union Minister holding the Law and Justice and Electronics and Information Technology portfolios in the Govt. of India took to the Lok Sabha this issue and tended to it with most extreme consideration.

He wrote, “With the innovation of technology and rise in usage of cyber space, cyber-attacks such as phishing and identity theft are observed. Such phishing attacks are global phenomena which target users to trick them to divulge information such as online credentials."


According to the data accessible with Indian Computer Emergency Response Team (CERT-In), more than 260 phishing incidents were seen in the initial five months of 2019.

With the parliament informed on Wednesday , 26th June , the report was reviewed and it was observed that around 552 phishing incidents were observed during the year 2017, while in 2018, the number stood at 454, and in 2019 (till May) it was 268.

"CERT-In is working in coordination with Reserve Bank of India (RBI) and banks to track and disable phishing websites,” Prasad said including that CERT-In issues cautions and warnings in regards to most recent cyber threats and counter-measures on a regular basis to guarantee the safe utilization of digital technologies.

Security breached of Ayushman Bharat

Ayushman Bharat, the government run health insurance programme, on Saturday confirmed that there had been an attempted security breach. “There have been attempts to get illegal access to large medical data including sensitive personal information,’’ said Dr. Indu Bhushan, CEO Ayushman Bharat - Pradhan Mantri Jan Arogya Yojana.

Alerted about the intrusion 48 hours ago, the National Health Authority — which administers the programme — has now written to all State Governments alerting them about the threat and warning that no sensitive data be shared.

Describing the nature of the attempted breach, Dr. Bhushan said contact had been made with Ayushman Bharat employees urging them to leak sensitive information on the available health profiles of those covered by the scheme.

With more than 3 crore e-cards issued countrywide to individuals covered under the scheme and over 21 lakh hospital admissions, worth ₹2,820 crore, having been approved, the scheme is one of the world’s largest state-run health insurance programmes, according to the government. Health data is extremely sensitive and of great value to commercial and pharmaceutical companies.

“We have this data enveloped in multiple layers of security which is tough to penetrate,” explained Dr. Bhushan. “We also have a stringent access system for those within Ayushman Bharat and we were alerted, almost immediately, when the breach was attempted,’’ he said.

The authority is now also seeking assistance from the public to help ensure that the programme stays cybersecure and that patient data and records are not compromised in any manner.

“We are making a public appeal to please report such cases to @AyushmanNHA at the earliest for proper investigation and actions to mitigate any potential risk,’’ Dr. Bhushan said.

Ayushman Bharat has also had to combat multiple attempts to defraud individuals and companies “using our programmes as a disguise,” said an official, who spoke on condition of anonymity. “People have been offered jobs and some have even been duped saying that we charge for registration. All of this is illegal,’’ the official added.

Indian Government asks Apple and Google to remove TikTok from App Stores







The government of India has asked Google and Apple to remove the Chinese short-video sharing application TikTok from their app stores.

India’s Ministry of Electronics and Information Technology (MeitY) reportedly asked the companies to do so after the Supreme Court of India, refused to stay an order by the Madras High Court to ban the app. 

The bench was headed by the Chief Justice Ranjan Gogoi, and the matter was posted till April 22, as the Madras High Court is expected to hear the case on April 16. 

TikTok's official statement: ’’As per the proceedings in the Supreme Court today, the Madras High Court will hear the matter on ex party ad interim order. The Supreme Court has listed the matter again for April 22, 2019, to be apprised of the outcome of the hearing on the April 16th, 2019 before the Madurai Bench of Madras High Court.’’

‘’At TikTok, we have faith in the Indian Judicial system and the stipulations afforded to social media platforms by the Information Technology (Intermediaries Guidelines) Rules, 2011. We are committed to continuously enhancing our existing measures and introducing additional technical and moderation processes as part of our ongoing commitment to our users in India.’’

‘’In line with this, we have been stepping up efforts to take down objectionable content. To date, we have removed over 6 million videos that violated our Terms of Use and Community Guidelines, following an exhaustive review of content generated by our users in India."




Whatsapp Declines to comply with the Government’s Demand



With general elections scheduled to be held one year from now in India, the Indian Government is taking a strict prospect of the utilization of various social media platforms like Facebook, Twitter, and WhatsApp for the spread of prevarication of information.

In the light of the same it had requested from WhatsApp for a solution for track the outset of messages on its platform.

The Facebook owned firm though declined to comply with the government's request saying that the move will undermine the protection and privacy of WhatsApp users.

Sources in the IT Ministry have said that the administration has declared that WhatsApp should keep on exploring the specialized technical advancements whereby if there should be an occurrence of mass circulation of offensive and detestable messages whipping up clashes and delinquency, the outset can be figured out easily.

The ministry is additionally looking for an all the more firm affirmation of the assent with Indian laws from the company, along with the foundation of grievance officer with a wide framework.

Accentuation has been given to the fact that a local corporate entity, subject to Indian laws, ought to be set up by the company in the outlined time period.


Prior this week the WhatsApp Head Chris Daniels got together with the IT Minister Ravi Shankar Prasad for tending issues similar to this one. After the gathering, Mr. Prasad said that the legislature has requested that WhatsApp set up a local corporate entity and uncover a technological solution in order to ascertain the outset of the  phony messages circled through its platform simultaneously commission  a grievance  officer.

 “People rely on WhatsApp for all kinds of sensitive conversations, including with their doctors, banks and families. Building traceability would undermine end-to-end encryption and the private nature of WhatsApp, creating potential for serious misuse,” the Facebook-owned firm said on Thursday.

“WhatsApp will not weaken the privacy protections we provide,” a company spokesperson stressed, adding, “Our focus remains working closely with others in India to educate people about misinformation and help keep people safe.”

A month ago, WhatsApp top administrators, including COO Matthew Idema, met IT Secretary and other Indian government authorities to summarize the several different advances being taken by the company on this issue.