The Ministry of Electronics and Information Technology (Meity), Government of India declared that organizations such as service providers, data centers and even government entities should report incidents of cyber security breaches to the CERT-In within 6 hours. The announcement has been made on 28^th April, 2022 to further strengthen the present cyber environment. According to the cyber security guidelines published by the union government, this process would ensure Indicators of Compromise (IoC) related to cyber security incidents are available for immediately carrying out detailed investigation procedures and in-depth analysis of the said incidents.

CERT-In Mandates New Guidelines for Cyber Security Assessment

The government has also issued several new guidelines and directions that need to be followed so that the country’s cyber security system becomes stronger.

• Every services provider and other organizations should be connected to National Physical Laboratory (NPL) or Network Time Protocol (NTP) server of National Informatics Center (NIC) for ICT system clock synchronization.
• Organizations should also provide information related to cyber security incidents as well as conduct other activities to assist CERT-In for security mitigation and cyber awareness.
• Data centers and VPN providers should maintain records of subscribers or customers for a minimum period of 5 years after cancellation or withdrawal of subscriptions.
• Service providers related to virtual asset exchange and custodian wallet should mandatorily maintain information of KYC as well as records of every financial transaction for 5 years for ensuring cyber security.

According to the Union Ministry of Electronics and Information Technology, these guidelines would ensure a safe as well as trusted cyber environment by further enhancing overall cyber security infrastructure.

Different Types of Cyber Security Incidents According to CERT-In

The report also provides a detailed list of different types of cyber security incidents which need to be mandatorily reported within 6 hours of detection. A total of 20 types of security incidents are mentioned which are all recognized as serious cyber security threats by CERT-In. The security incidents are as follows:

1. Targeted scanning of systems
2. Critical systems and information compromise
3. Unauthorized access
4. Website intrusion
5. Malicious code and malware attacks
6. Server attacks
7. Phishing and identity theft
8. DoS and DDoS attacks
9. Attack on SCADA and critical infrastructure
10. Attack on E-Governance and E-Commerce
11. Data Breaching
12. Data Leaking
13. IoT attacks
14. Attack on digital payment systems
15. Attacks from mobile apps
16. Dummy mobile applications
17. Unauthorized access on social media
18. Attacks on cloud infrastructure
19. Attacks on virtual assets, blockchain, etc
20. Attacks on AI and ML applications

CERT-In is responsible for analysis and mitigation of cyber incidents and therefore, cyber attacks related to the above mentioned types should be mandatorily reported within 6 hours. However, it will create a challenge for some organizations due to lack of additional staff and management time.

We, a CERT-In empanelled agency, is the most preferred cyber security advisor that supports key public as well as private sector enterprises in the industry delivering state-of-the-art solutions on vulnerability and penetration testing (VAPT), managed security services, web application audit, NoC, SoC, SIEM/SOAR and many more. Our Anti-Ransomware Readiness (ARR) Audit is a combination of active and passive non-intrusive techniques that delivers a strong technical process to an organization to mitigate ransomware threats.

Do check our website www.primeinfoserv.com for more details or write us at info@primeinfoserv.com or contact us at +913340085677 for queries.