India has raised its concerns with the US over reports on authorisation of American entities to spy on Indian government and its citizens in the cyber space, Minister of State for External Affairs V.K. Singh said on Thursday.
The Indian government has taken steps to enhance the cyber security of the country and improve its ability to resist cyber-attacks, Singh said in a written reply to a question in the Rajya Sabha.
“The government has raised its concerns with the US government regarding reported authorisation given to its entities to intrude upon the privacy of communications of the Indian government, its citizens and Indian entities,” he said in his reply.
“The devices on the Internet are prone to regular scanning from different parts of the world for a variety of purposes, including to penetrate cyber networks operating in the government. It has been observed that the attackers use masquerading techniques and hidden servers to hide the identity of actual system from which the attacks are being launched,” he said.
The Indian government had formulated a ‘Crisis Management Plan’ for countering cyber-attacks and cyber terrorism for implementation by all ministries/departments of the central and state governments and other organisations and critical sectors.
“The Indian Computer Emergency Response Team (CERT-In) issues alerts and advisories regarding latest cyber threats and countermeasures on regular basis. CERT-In has formulated guidelines for securing IT infrastructure. It also conducts regular training programmes for the system administrators,” Singh said.
The National Critical Information Infrastructure Protection Centre (NCIIPC) has been operationalised and it “provides regularly to chief information security officers of critical information infrastructure organisations, tailored advisories on software/hardware vulnerabilities and alerts on cyber-attacks”.
In addition, policy, audit and compliance reports from critical information infrastructure organisations were analysed.
“All ministries/departments have been advised to conduct security audit of entire information technology infrastructure,” Singh said.