17 December 2016

Govt to audit banking tech to check cyber crime


In a bid to tackle cybercrime, the central government is planning to review the Information Technology Act.

A technology infrastructure audit of the National Payments Corporation of India (NPCI), for possible holes that could be exploited by cyber criminals, is also on the government's action plan.

The government, which plans to strengthen the computer emergency response team or CERT-In with ethical hackers who would respond to cyberattacks across the country, has directed digital payment agencies to report to CERT-in if any unusual activity is discovered on their platforms.

The IT ministry has approved setting up of CERTs in 5 states and creating 26 new posts in CERT-In.

"All digital payments agencies have been asked to report to CERT-In any unusual activity on their platforms. We are taking several measures to ensure a resilient system. We will audit the IT infrastructure of NPCI and have formed crack teams at CERT-In for immediate response," Union Information Technology Minister Ravi Shankar Prasad said.

"CITOs (chief IT officers) have been appointed in every ministry and government department. We are undertaking a massive programme to create awareness among the administrative machinery," the minister added.

Separately, the government is engaging ethical hackers to prevent breaches, technology the news portal Factordaily reported on Wednesday.

The move by the government comes in the wake of claims by Legion, a cyber criminal gang, which says it has found flaws in India's banking infrastructure that could potentially lead to breaches and having email dumps of parliamentarians from sansad.nic.in, the email service hosted by the National Informatics Centre, the government's technology arm.

The government's push for legal backing is also due to the lack of provisions to compensate consumers if they lose money due to a cyber breach on wallets.

The IT ministry has already formed a small group of officials under Secretary Aruna Sundararajan.

“The Act came into being in 2000. It has, by and large, served us well. Now, as we move towards a digital economy, we are reviewing if there is a need to relook at its architecture, to make it more deterrent for cyber criminals,” Prasad said. The government has formed two teams in CERT-In, one to respond to cyber-attacks and the other to monitor digital payments, which has, in the past one month, seen a 1,000 per cent surge. The ministry has till date issued eight advisories on usage of different types of digital payments.

No comments: