CERT-In Current Affairs

Enter Your Email Address To Subscribe Current Affairs Daily Digest, Daily Quiz and other updates on Current Affairs:

Cabinet approves MoU between India and US in field of Cyber Security

The Union Cabinet has approved Memorandum of Understanding (MoU) signed between the Indian Computer Emergency Response Team (CERT-ln) and the US Homeland Security Department on cooperation in the field of Cyber Security.

The MoU was signed in January 2017 in New Delhi. It intends to promote closer co-operation and exchange of information pertaining to the Cyber Security between both strategic partners in accordance with the relevant laws, rules and regulations and on the basis of equality, mutual benefit and reciprocity.

About CERT-In (Indian Computer Emergency Response Team)
  • CERT-In is a government-mandated nodal agency for information technology (IT) security established in 2004 under the aegis of the Indian Department of Information Technology, Ministry of Electronics and IT.
  • According to the provisions of the IT Amendment Act, 2008, CERT-In is responsible for overseeing administration of the Act.
  • CERT-In’s Mandate: Protect Indian cyberspace and software infrastructure against destructive and hacking activities.
  • Respond to computer security incidents, report on vulnerabilities and promote effective IT security practices throughout the country.
  • Issue guidelines, vulnerability notes, advisories, and whitepapers regarding to information security practices, prevention, procedures, response and reporting of cyber security incidents.

Tags:

India-CERT inks MoU with US-CERT

India and USA have signed a Memorandum of Understanding (MoU) between the Indian Computer Emergency Response Team (CERT- In) and US Department of Homeland Security on cooperation in field of cyber Security.

The MoU was signed by Aruna Sundararajan, Secretary, Union Ministry of Electronics and Information Technology and Richard Verma, US Ambassador to India.

Key Facts
  • The MoU has been signed for the continuation to the cooperation in cyber security areas between both countries on the basis of equality, reciprocity and mutual benefit.
  • It intends to promote closer co-operation and the exchange of information pertaining to the Cyber Security in accordance with the relevant laws, rules and regulations of each economy.
Background

Earlier US and India signed had inked MoU in July 2011 to promote a closer cooperation and timely exchange of information between the organizations of their respective Governments responsible for Cyber Security. Since, the regular interactions between US CERT and CERT-In are taking place to share the information and discuss cyber security related issues.

About CERT-In (Indian Computer Emergency Response Team)

  • CERT-In is a government-mandated nodal agency for information technology (IT) security established in 2004 under the aegis of the Indian Department of Information Technology, Ministry of Electronics and IT.
  • According to the provisions of the IT Amendment Act, 2008, CERT-In is responsible for overseeing administration of the Act.
  • Mandate of CERT-In: (i) Protect Indian cyberspace and software infrastructure against destructive and hacking activities. (ii) Respond to computer security incidents, report on vulnerabilities and promote effective IT security practices throughout the country. (iii) Issue guidelines, vulnerability notes, advisories, and whitepapers regarding to information security practices, prevention, procedures, response and reporting of cyber security incidents.

Tags:

CERT-In warns micro-ATMs against malware attacks

The premier cyber security agency CERT-In has cautioned bankers, customers and traders against skimming and malware attacks on micro ATMs and Point of Sale (POS) terminals.

The move comes as usage of POS and micro-ATMs counters have witnessed a sharp surge post demonetisation. It has asked to adopt high-end encryption to plug possible breaches.

In this regard, CERT-In has issued two specific advisories for micro-Automated Teller Machines and POS terminals.

What are potential threats?
  • Skimming: It is the theft of classified credit/debit card data. Using this method, a hacker (thief) can obtain the victim’s card number using a small electronic device near the card acceptance slot and store hundreds of card details at a time.
  • Social engineering attack: It can be engineered at these banking and POS facilities, by gaining trust of the card owner as the fraudster poses as a member of staff.
What the CERT-In advisory says?
  • Micro-ATMs security features must be strong and updated in order to check attempts by hackers who stealthily plan to steal private customer and bank data.
  • Point to Point Encryption (P2PE) should be used to minimise this risk as it will encrypt the card data and keep it encrypted to the maximum extent throughout its life.
  • Banks and micro ATM operators must use some counter-measures to thwart cyberattacks.
  • Micro ATM must not transmit any confidential data unencrypted on the network. It must automatically log out the operator and lock itself after a period of inactivity.
  • Operators must keep all micro ATM software, application, anti-virus regularly updated and educate the customer about basic functionalities and security best practises.
  • Customers must render due diligence of securing their PIN and not sharing vital details with strangers.

Micro ATM: It work with minimal power and connect to central banking servers through a GPRS network. It enables the un-banked rural population to access banking services in their villages or towns. It offers facilities of deposit, withdrawal, balance enquiry, issuance of mini-statement and funds transfer.

CERT-In (Indian Computer Emergency Response Team): It is the nodal agency that deals with cyber security threats like hacking and phishing. It is government organisation under Union Ministry of Electronics and Information Technology. It aims to strengthen security-related defence of the Indian Internet domain.

Tags:

Advertisement

12