27-Jul-2022: Prevention of Cyber Crimes

With the growth of the internet and proliferation of applications, products & services on it, citizens are being empowered and their lives transformed. However, with the growth of the internet, cybercrimes are also on the increase. The Government is aware of cybercrimes incidents including phishing originating in some parts of India including Jharkhand.

‘Police’ and ‘Public Order’ are State subjects as per the Seventh Schedule of the Constitution of India. States/UTs are primarily responsible for the prevention, detection, investigation and prosecution of crimes including cybercrime through their Law Enforcement Agencies (LEAs). The LEAs take legal action as per provisions of law against the offenders. The Central Government supplements the initiatives of the State Governments through advisories and financial assistance under various schemes for their capacity building.

As per Ministry of Home Affairs (MHA), to  strengthen  the  mechanism  to  deal  with  cyber-crimes  in  a comprehensive  and  coordinated  manner, the Ministry of Home Affairs has provided financial assistance to all the States & UTs under Cyber Crime Prevention against Women & Children (CCPWC) scheme to support their efforts for setting up of cyber forensic-cum-training laboratories, training, and hiring of junior cyber consultants. Cyber forensic-cum-training laboratories have been commissioned in 28 States. The Central Government has taken steps for spreading awareness about cybercrimes, issuance of alerts/ advisories, capacity building/ training of law enforcement personnel/ prosecutors/ judicial officers, improving cyber forensic facilities etc.

The Government has established Indian Cyber Crime Coordination Centre (I4C) to provide a framework and eco-system for LEAs to deal with the cybercrimes in a comprehensive and coordinated manner. ‘Joint Cyber Coordination Teams’ have been constituted for seven regions at Mewat, Jamtara, Ahmedabad, Hyderabad, Chandigarh, Vishakhapatnam and Guwahati under the I4C to address the issue of jurisdictional complexity, based upon cybercrime hotspots/ areas, by on-boarding all the States/UTs to provide a robust coordination framework to the LEAs.

The Government has launched the National Cyber Crime Reporting Portal (www.cybercrime.gov.in) to enable public to report incidents pertaining to all types of cybercrimes, with a special focus on cybercrimes against women and children. A toll-free number 1930 has been operationalized to get assistance in lodging online cyber complaints. The Citizen Financial Cyber Fraud Reporting and Management System module has also been launched for immediate reporting of financial frauds and to stop siphoning off fund by the fraudsters.

Government is fully cognizant and aware of various cyber security threats; and has taken following measures to enhance the cyber security posture and prevent cyber-attacks:

1. Indian Computer Emergency Response Team (CERT-In) issues alerts and advisories regarding latest cyber threats/vulnerabilities and countermeasures to protect computers and networks on regular basis. CERT-In has issued 70 advisories for organisations and users to create awareness on safe usage of digital technologies.
2.  CERT-In operates an automated cyber threat exchange platform to proactively collect, analyse and share tailored alerts with organisations across sectors for proactive threat mitigation actions by them.
3. Security tips have been published for users to secure their Desktops, mobile/smart phones and prevent phishing attacks.
4. Government has issued guidelines for Chief Information Security Officers (CISOs) regarding their key roles and responsibilities to secure applications / infrastructure and compliance.
5. All the government websites and applications are audited with respect to cyber security prior to their hosting. The auditing of the websites and applications is conducted on a regular basis after hosting also.
6. CERT-In has empanelled 97 security auditing organisations to support and audit implementation of Information Security Best Practices.
7. CERT-In has formulated a Cyber Crisis Management Plan for countering cyber-attacks and cyber terrorism for implementation by all Ministries/ Departments of Central Government, State Governments and their organizations and critical sectors.
8. Cyber security mock drills are conducted regularly to enable assessment of cyber security posture and preparedness of organisations in Government and critical sectors. 67 such drills have so far been conducted by CERT-In where 886 organizations from different States and sectors participated.
9. CERT-In conducts regular training programmes for network / system administrators and Chief Information Security Officers (CISOs) of Government and critical sector organisations regarding securing the IT infrastructure and mitigating cyber-attacks. 19 and 5 training programs were conducted covering 5169 and 449 participants during the year 2021 and 2022 (upto June) respectively.
10. CERT-In operates the Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre). The centre provides detection of malicious programs and free tools to remove the same along with cyber security tips and best practices for citizens and organisations.
11. CERT-In has set up the National Cyber Coordination Centre (NCCC) to generate necessary situational awareness of existing and potential cyber security threats. Phase-I of NCCC is operational.
12. CERT-In also co-operates, works and coordinates incident response measures with international CERTs, overseas organisations and service providers as well as Law Enforcement Agencies.
13. CERT-In provides the requisite leadership for the Computer Security Incident Response Team-Finance Sector (CSIRT-Fin) operations under its umbrella to respond to, contain and mitigate cyber security incidents reported from the financial sector.
14. Computer Security incident Response Team-Finance (CSIRT-Fin), CERT-In, National Institute of Securities Markets (NISM) and Centre for Development of Advanced Computing (CDAC) are conducting a self-paced 60 hour certification program on “Cyber Security Foundation Course” for professionals in financial sector.
15. CERT-In regularly disseminates information and share security tips on cyber safety and security through its official social media handles and websites. CERT-In organised various events and activities for citizens during Cyber Security Awareness Month in October 2021 and Safe Internet day on 8 February 2022 by posting security tips using posters and videos on social media platforms and websites. CERT-In in association with CDAC conducted online awareness campaign for citizens covering topics such as general online safety, social media risks and safety, mobile related frauds and safety, secure digital payment practices etc. through videos and quizzes on MyGov platform.
16. CERT-In, Reserve Bank of India (RBI) and Digital India jointly carry out a cyber security awareness campaign on ‘beware and be aware of financial frauds’ through Digital India Platform.

Ministry of Electronics & Information Technology (MeitY) conducts programs to generate information security awareness. Specific books, videos and online materials are developed for children, parents and general users about information security which are disseminated through portals like “www.infosecawareness.in”, and “www.csk.gov.in”.

9-Feb-2022: Strategy to Prevent Cyber Crimes

'Police' and 'Public Order' are State subjects as per the Seventh Schedule to the Constitution of India. States/UTs are primarily responsible to maintain law and order, inter-alia including strategy to prevent cybercrimes, planning and setting up of task force, and capacity building/training of Law Enforcement Agencies (LEAs) for prevention, detection, investigation and prosecution of cybercrimes. The Central Government supplements the initiatives of the State Governments through various advisories and schemes for the capacity building of their LEAs.

To  strengthen  the  mechanism  to  deal  with  cybercrimes  in  a comprehensive  and  coordinated  manner,  the  Central  Government  has taken steps  for  spreading  awareness  about  cybercrimes;  issuance  of  alerts/ advisories; capacity building/training of   law  enforcement personnel/ prosecutors/judicial officers; improving cyber forensic facilities; etc. MHA has established Indian Cyber Crime Coordination Centre (I4C) to provide a framework and eco-system for LEAs to deal with the cybercrimes in a comprehensive and coordinated manner. The Government has launched the National Cyber Crime Reporting Portal (www.cybercrime.gov.in), to enable public to report incidents pertaining to all types of cybercrimes, with a special focus on cybercrimes against women and children. Cybercrime incidents reported on this portal are routed automatically to the respective State/UT law enforcement agency for further handling as per the provisions of the law. A toll-free helpline number has been operationalized to get assistance in lodging online cyber complaints.