(a) and (b): A vulnerability which has been named "StrandHogg" has been reported in the Android operating system. The vulnerability allows a malicious application to masquerade as genuine mobile app and steal information.
The Indian Computer Emergency Response Team (CERT-In) has published a vulnerability note on this issue on 9th December 2019 and alerted the users regarding precautionary measures to be taken.
Government has taken following measures to check malicious apps and enable users to protect their mobile phones:
(i) Alerts and advisories about the threats, vulnerabilities and malware affecting mobile phones along with countermeasures are being issued regularly by CERT-In.
(ii) Government has operationalised the Cyber Swachhta Kendra to enable detection and cleaning of malicious code including from mobile / smart phones.
(iii) Ministry of Electronics & Information Technology (MeitY) regularly conducts programs to generate information security awareness. Tips for users about information security including securing mobile phones are disseminated through websites like “https://infosecawareness.in”, “https://www.cert-in.org.in” and “https://www.cyberswachhtakendra.gov.in”.
(c) and (d): The Indian Computer Emergency Response Team (CERT-In) issues alerts and advisories regarding latest cyber threats and countermeasures on regular basis.
Further, Government has formulated guidelines on Crisis Management Plan for countering cyber attacks and cyber terrorism for implementation by all Ministries/ Departments of Central Government, State Governments and their organizations and critical sectors.
*******
Download PDF Files