With the growth of the internet and proliferation of applications, products & services on it, citizens are being empowered and their lives transformed. However, with the growth of the internet, cyber crimes are also on the increase. The Government is aware of cyber crime incidents including phishing originating in some parts of India including Jharkhand.
‘Police’ and ‘Public Order’ are State subjects as per the Seventh Schedule of the Constitution of India. States/UTs are primarily responsible for the prevention, detection, investigation and prosecution of crimes including cyber crime through their Law Enforcement Agencies (LEAs). The LEAs take legal action as per provisions of law against the offenders. The Central Government supplements the initiatives of the State Governments through advisories and financial assistance under various schemes for their capacity building.
As per the Ministry of Home Affairs (MHA), to strengthen the mechanism to deal with cyber crimes in a comprehensive and coordinated manner, the Ministry of Home Affairs has provided financial assistance to all the States & UTs under Cyber Crime Prevention against Women & Children (CCPWC) scheme to support their efforts for setting up of cyber forensic-cum-training laboratories, training, and hiring of junior cyber consultants. Cyber forensic-cum-training laboratories have been commissioned in 28 States. The Central Government has taken steps for spreading awareness about cyber crimes, issuance of alerts/ advisories, capacity building/ training of law enforcement personnel/ prosecutors/ judicial officers, improving cyber forensic facilities, etc.
The Government has established the Indian Cyber Crime Coordination Centre (I4C) to provide a framework and eco-system for LEAs to deal with cyber crimes in a comprehensive and coordinated manner. ‘Joint Cyber Coordination Teams’ have been constituted for seven regions at Mewat, Jamtara, Ahmedabad, Hyderabad, Chandigarh, Vishakhapatnam and Guwahati under the I4C to address the issue of jurisdictional complexity, based upon cyber crime hotspots/ areas, by on-boarding all the States/UTs to provide a robust coordination framework to the LEAs.
The Government has launched the National Cyber Crime Reporting Portal (www.cybercrime.gov.in) to enable the public to report incidents pertaining to all types of cyber crimes, with a special focus on cyber crimes against women and children. A toll-free number 1930 has been operationalized to get assistance in lodging online cyber complaints. The Citizen Financial Cyber Fraud Reporting and Management System module has also been launched for immediate reporting of financial frauds and to stop siphoning off funds by the fraudsters.
Government is fully cognizant and aware of various cyber security threats; and has taken the following measures to enhance the cyber security posture and prevent cyber-attacks:
- Indian Computer Emergency Response Team (CERT-In) issues alerts and advisories regarding the latest cyber threats/vulnerabilities and countermeasures to protect computers and networks on regular basis. CERT-In has issued 70 advisories for organisations and users to create awareness of the safe usage of digital technologies.
- CERT-In operates an automated cyber threat exchange platform to proactively collect, analyse and share tailored alerts with organisations across sectors for proactive threat mitigation actions by them.
- Security tips have been published for users to secure their Desktops, and mobile/smart phones and prevent phishing attacks.
- The government has issued guidelines for Chief Information Security Officers (CISOs) regarding their key roles and responsibilities to secure applications/infrastructure and compliance.
- All government websites and applications are audited with respect to cyber security prior to their hosting. The auditing of the websites and applications is conducted on a regular basis after hosting also.
- CERT-In has empanelled 97 security auditing organisations to support and audit the implementation of Information Security Best Practices.
- CERT-In has formulated a Cyber Crisis Management Plan for countering cyber attacks and cyber terrorism for implementation by all Ministries/ Departments of Central Government, State Governments and their organizations and critical sectors.
- Cyber security mock drills are conducted regularly to enable assessment of cyber security posture and preparedness of organisations in Government and critical sectors. 67 such drills have so far been conducted by CERT-In where 886 organizations from different States and sectors participated.
- CERT-In conducts regular training programmes for network/system administrators and Chief Information Security Officers (CISOs) of Government and critical sector organisations regarding securing the IT infrastructure and mitigating cyber attacks. 19 and 5 training programs were conducted covering 5169 and 449 participants during the year 2021 and 2022 (upto June) respectively.
- CERT-In operates the Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre). The centre provides detection of malicious programs and free tools to remove the same alongwith cyber security tips and best practices for citizens and organisations.
- CERT-In has set up the National Cyber Coordination Centre (NCCC) to generate necessary situational awareness of existing and potential cyber security threats. Phase-I of NCCC is operational.
- CERT-In also co-operates, works and coordinates incident response measures with international CERTs, overseas organisations and service providers as well as Law Enforcement Agencies.
- CERT-In provides the requisite leadership for the Computer Security Incident Response Team-Finance Sector (CSIRT-Fin) operations under its umbrella to respond to, contain and mitigate cyber security incidents reported from the financial sector.
- Computer Security incident Response Team-Finance (CSIRT-Fin), CERT-In, National Institute of Securities Markets (NISM) and Centre for Development of Advanced Computing (CDAC) are conducting a self-paced 60-hour certification program on the “Cyber Security Foundation Course” for professionals in the financial sector.
- CERT-In regularly disseminates information and shares security tips on cyber safety and security through its official social media handles and websites. CERT-In organised various events and activities for citizens during Cyber Security Awareness Month in October 2021 and Safe Internet day on 8 February 2022 by posting security tips using posters and videos on social media platforms and websites. CERT-In in association with CDAC conducted an online awareness campaign for citizens covering topics such as general online safety, social media risks and safety, mobile-related frauds and safety, secure digital payment practices etc. through videos and quizzes on the MyGov platform.
- CERT-In, Reserve Bank of India (RBI) and Digital India jointly carry out a cyber security awareness campaign on ‘beware and be aware of financial frauds’ through Digital India Platform.
Ministry of Electronics & Information Technology (MeitY) conducts programs to generate information security awareness. Specific books, videos and online materials are developed for children, parents and general users about information security which are disseminated through portals like “www.infosecawareness.in”, and “www.csk.gov.in”.