National Perspective of Cybersecurity
Commander Mukesh Saini
Information Security Specialist
Head – National Information Security Coordination Cell
National Security Council Secretariat
For Rail-CERT meeting on 24 Oct 2005
In 2004, railnet.gov.in was on the list of the top ten most re-defaced second/third-level domains under the .in ccTLD. It was re-defaced 16 times. Some of the sites affected were er.railnet.gov.in, ircot.railnet.gov.in, irpmu.railnet.gov.in and nfr.railnet.gov.in.
Source: CERT-In White Paper 2004-01
Defacement of Indian Railways Websites
Source: CERT-In White Paper 2004-01
Why cyber crimes may increase: because cyberspace is growing in India.
Source: DIT Annual Report 2005
IT sector underpins Indian economy …
• One of the fastest growing sectors of Indian industry.
• A growth of 34% in rupee as well as dollar terms in exports during 2004-05.
• Achieved CAGR of 30% in turnover and 37% in exports during last 5 years.
Source: DIT Annual Report 2005
Growth of IT sector
• Grew from 1.2% of GDP in 1997-98 to 4.1% in 2004-05.
• BPOs grew at a rate of 54% in 2003-04, directly employing about 2.5 lakh personnel.
• 4.1 crore cellphones. More mobiles than fixed line phones.
Source: DIT Annual Report 2005
e-governance…
• State wide area networks (SWANs) up to block level.
• 25 mission mode projects
  • Income Tax
  • Passport & Visa
  • Land records
  • Police
  • E-Court etc.
• Information Security is not the concern.
Source: DIT Annual Report 2005
E-Travel Bookings in India (in Crores of Rs)
Source: eStatsIndia B2C E-Commerce, Market Size and Forecast Study, 2005
Projection    Broadband Users    Internet Users
End 2005      3 million          6 million
2007          9 million          18 million
2010          20 million         40 million

AND India’s Broadband Policy: Oct 2004
This represents a huge ‘Always On’ haven for Criminals…
Source: DoT Annual Report 2005
In the rapid growth of the IT sector in India, information security has not been seriously factored in.
Unfortunately, the true extent of cybercrime in India is not known due to lack of reporting, coordinated monitoring and collation.
Major Criminal Activities-2
• Denial-of-Service
• Spam
• Cyber Squatting
• Cyber stalking
• Child Pornography
Major Criminal Activities-3
• Malicious code Proliferation
• e-Extortion & Protection Rackets
• Cyber Frauds
• Cyberterrorism
Money, not notoriety, is the driving force, and cyber crime has become an organized business.
Top Concerns
• Lack of publicly stated National Information Security Policy.
• Lack of trained & qualified manpower.
• Non-existent or weak institutions.
• Non-exploitation of provisions of the IT Act 2000.
• Lack of Assurance framework (Standardization, Accreditation and Certification).
• Lack of awareness & culture of cybersecurity.
Other Areas of Concern-1
• Rules and regulations under the IT Act to contain crime have not been framed, and the proposed amendments recommend diluting the power of the police.
• No e-mail account policy, especially for defence, police and agency personnel.
• No cybercrisis management plan.
Concerns about Railways Network
• Failure of the ticketing & reservation system can cause social turmoil.
• Failure of the signaling system poses a physical security hazard.
• Failure of e-ticketing can cause financial losses.
• Failure of other applications, such as tracking of bogies, can cause financial losses.
• Compromise of train movements can provide necessary intelligence to adversaries.
• Compromise of financial transactions can motivate fraud.
National Information Security Structure (organisation chart; labels as extracted):
NSCS National Coordinator for Information Security National Information Board NTRO Defensive & Operational Cyberwarfare Computer Emergency Response Team - India Information Infrastructure Protection Centre MC&IT Development & Promotional Role Various Ministries Coordinators of Special Functions Sector Cybersecurity Officers cyber police stations Organisational level CERTs Information Security Technology Development Council DIWA RMA Defence Procurement Board SCADA Protection Assurance Framework International Cooperation Cryptography Cyber Laws Network Surveillance Economic Intelligence Cyber Forensic Awareness & Training PKI
Action Initiated for Information Security
• National Information Board (NIB)
• National Information Security Policy (NISP)
• Information Security Task Force (ISTF)
• Indo US Cyber Security Forum (IUSCSF)
• Various Inter-ministerial working groups (IMWGs)
Action Initiated for Information Security
• Information Infrastructure Protection Centre (IIPC)
• National Internet Exchange of India (NIXI)
• Computer Emergency Response Team – India (CERT-In)
• Group of Sectoral Cybersecurity Offices (SCOs)
• Information Security Technology Development Council (ISTDC)
• Empanelment of VA teams by CERT-In.
CERT-In relationship within India (diagram; labels as extracted):
CERT-Rail ??? CERT CERT-IN FINCERT CERT ??? Naval CERT Army CERT Air-CERT
Recommendations
• Widely publicise creation of CERT-Rail.
• Create Railways-wide Information Security Policy (based on ISO 17799:2005 standards and National Information Security Policy).
• Close coordination between CERT-Rail & CERT-In.
• Undertake Vulnerability Analysis of all networks.
• Prepare 5 year roadmap for Cybersecurity activities.
• Host Railways websites on secure servers.
• Define e-mail account policy.
• Enforce best management practices for information security.
• Launch Railways-wide awareness campaign.