Cyber Security – CERTs, Policy, etc

Threat of new malware looms over cyberspace


Mains Paper 3: Science & Technology | Awareness in the fields of IT, Space, Computers, robotics, nano-technology, bio-technology

From UPSC perspective, the following things are important:

Prelims level: DDoS attack, Mirai, Reaper, Saposhi, CERT-In

Mains level: Rising threat of cyber attacks

DDoS attack by malware

  1. After Mirai and Reaper, cybersecurity agencies have detected a new malware called Saposhi
  2. It is capable of taking over electronic devices and turning them into ‘bots’, which can then be used for any purpose
  3. This includes a Distributed Denial Of Service attack

What is a DDoS attack?

  1. In DDoS attacks, the malware first creates a network of bots called a botnet via internet-connected devices
  2. It then uses the botnet to ping a single server at the same time
  3. As the number of pings is far beyond the server’s capacity, the server crashes and denies service to its consumers

Previous malware attacks

  1. In October last year, the Computer Emergency Response Team (CERT) had issued an alert about Reaper
  2. It was a highly evolved malware capable not only of hacking devices like WiFi routers and security cameras, but also of hiding its own presence in the bot


Computer Emergency Response Team (CERT)

  1. The Indian Computer Emergency Response Team (CERT-In) is an office within the Ministry of Electronics and Information Technology
  2. It is the nodal agency to deal with cybersecurity threats like hacking and phishing
  3. It strengthens the security-related defense of the Indian Internet domain
  4. CERT-In has been designated under Section 70B of the Information Technology (Amendment) Act, 2008 to serve as the national agency to perform the following functions in the area of cybersecurity:
    • Collection, analysis, and dissemination of information on cyber incidents
    • Forecast and alerts of cybersecurity incidents
    • Emergency measures for handling cybersecurity incidents
    • Coordination of cyber incident response activities
    • Issue guidelines, advisories, vulnerability notes and white papers relating to information security practices, procedures, prevention, response and reporting of cyber incidents
