Govt To Review IT Act To Tackle Cyber Crime

by CXOtoday News Desk    Dec 15, 2016

Cyber Security

Amidst the growing incidences of cyber attacks on strategic establishments and key individuals, the government is now mulling a review of the existing Information Technology (IT) Act to strengthen the current cyber security infrastructure in the country. The new amendments aimed at building a strong cyber security framework to address the security challenges as the country is rapidly heading towards digital economy. 

“The IT Act came out in 2000. Since then, it has by and large served us well. Now, as we move towards a digital economy, we are reviewing if there is a need to re-look at the IT Act architecture to make it more of a deterrent for cyber criminals,” Minister for Electronics and IT Ravi Shankar Prasad said.

A “closed group”, under IT Secretary Aruna Sundarajan, has been reportedly set up to look into various aspects of the Act in line with the changing times.

The Ministry of Electronics and IT (MeitY), which will soon issue advisories to all digital payment agencies including banks and e-wallets providers “to harden security walls”, has also set up a separate ‘digital payments’ division under Indian Computer Emergency Response Team (CERT-In). 

It is to be noted that hacker group Legion recently cracked into Congress Vice President Rahul Gandhi and the Indian National Congress’ Twitter account. The group had also said they would hack an email server, sansad.nic.in, used by government employees. 

In an online interview to ET, the hacker group had said that the Indian banking system is “deeply flawed”. They also claimed that it has been hacked several times adding that several other groups have access to key banking institutions. 

Also Read: Is Indian Govt Ready For Ransomware Attacks?

The group said that NPCI, IRDBT and a popular e-wallet firm’s servers are compromised, and have been attacked at the root level. IDRBT is a technology service provider for banks in India, offering technology services that are critical for the payment systems of the country.

In a wake of rising cyber attacks on financial institutions, a digital payment section has been created in CERT-In, an agency which monitors the Internet traffic on a real time basis given the ongoing momentum in cashless payments in the country. Prasad said that all digital payment firms have been asked to report any unusual movement immediately to CERT. 

“All digital payments agencies have been asked to report to CERT-In any unusual activity that they see on their platforms,” Prasad said. The division was set up after the November 8 announcement withdraw old INR 500 and INR 1000 notes from circulation.

“We are taking several measures to ensure a resilient system. We will audit IT infra of NPCI have formed crack teams at CERT-In for immediate response. There are CIOs who have been appointed in every ministry and govt department. We are undertaking massive program to create awareness among administrators, judges etc”, he added. 

To strengthen cyber security, the IT ministry had recently approved 26 new posts in CERT-Inand five State CERTs. The ET report said that two major initiatives to curb cyber crime – the BotNet Centre and the National Cyber Coordination Centre will also be expedited and are expected to come up before the end of this financial year.