Question : Losses due to Cyber Attack

Will the Minister of Electronics & Information Technology be pleased to state:-
(a) whether the Union Government is aware that many Indian companies are losing several crores every year due to cyber attacks;
(b) if so, whether the Union Government in consultation with State Governments propose to strengthen the cyber attack laws;
(c) if so, the details thereof;
(d) whether any separate wing has been created to check such cyber attacks and to prosecute the culprits involved; and
(e) if so, the details thereof?

Answer given by the minister

(a): The field of Information Technology (IT) is characterized by rapid developments and fast changing obsolescence. With every IT product introduced into the market, newer vulnerabilities are discovered, leaving scope for malicious actions. In tune with the dynamic nature of Information Technology, continuous efforts are required to be made to prevent and recover from cyber attacks. Malicious users continuously target India’s IT infrastructure to infiltrate and hamper the functionality of IT systems. As such, the protection of India''s IT infrastructure in general and critical information infrastructure in particular is a dynamic activity and continuing process. As per the information reported to and tracked by Indian Computer Emergency Response Team (CERT-In), a total no. of 44679, 49455, 50362 and 27482 cyber security incidents were observed during the year 2014, 2015, 2016 and 2017 (till June) respectively. The types of cyber security incidents include phishing, scanning/probing, website intrusions and defacements, virus/malicious code, ransomware, Denial of Service attacks, etc. No separate data with regard to the losses incurred by the Indian companies as a result of cyber attacks is maintained by Indian Computer Emergency Response Team (CERT-In) or Ministry of Corporate Affairs.

(b) and (c): The Information Technology Act, 2000, as amended from time to time, provides legal framework to deal with the cyber security breaches.

(d) and (e): The Indian Computer Emergency Response Team (CERT-In) has been designated as the nodal agency for responding to cyber security incidents in the country as per provisions of Section 70B of the Information Technology Act, 2000 as amended from time to time. National Critical Information Infrastructure Protection Centre (NCIIPC) has been created as per provision of Section 70A of the Information Technology Act, 2000 to act as the nodal agency for protection of critical information infrastructure. Information Technology Act 2000 provides for punishment for various cyber crimes. CERT-In is operating a round the clock incident response held desk, issuing alerts and advisories regarding latest cyber threats/vulnerabilities and countermeasures, conducting training programs on specific areas of cyber security and conducting mock drills to enable assessment of cyber security posture and preparedness of organizations.
*******

Download PDF Files
PDF(English)
PDF(Hindi)
Search

More from ELECTRONICS AND INFORMATION TECHNOLOGY
Other Ministries:
MICRO, SMALL AND MEDIUM ENTERPRISES

 POWER

 DRINKING WATER AND SANITATION

 COMMUNICATIONS

 HEALTH AND FAMILY WELFARE

 TRIBAL AFFAIRS

 FOOD PROCESSING INDUSTRIES

 SMALL SCALE INDUSTRIES AND RURAL AND AGRO INDUSTR

SCIENCE AND TECHNOLOGY

 PRIME MINISTER

 STATISTICS AND PROGRAMME IMPLEMENTATION

 DISINVESTMENT

 MINORITY AFFAIRS

 TOURISM AND CULTURE

 CIVIL AVIATION

 MINES AND MINERALS

HOUSING AND URBAN POVERTY ALLEVIATION

 EXTERNAL AFFAIRS

 LAW , JUSTICE AND COMPANY AFFAIRS

 FINANCE AND COMPANY AFFAIRS

 CONSUMER AFFAIRS AND PUBLIC DISTRIBUTION

CORPORATE AFFAIRS

 AGRO AND RURAL INDUSTRIES

 RURAL DEVELOPMENT

 PLANNING