Page 56 - PR COMMUNICATION AGE July - December 2020
P. 56

bidirectional sharing of enriched tactical threat intelligence  Uzbekistan, Bangladesh, Seychelles, Kingdom of Morocco,
         thus helping to build a cyber-resilient ecosystem. The main  Finland and Estonia.
         goal of CERT-In is to collect, analyse and disseminate cyber
         threat intelligence in real time. The exchange of CTI  CERT-In is regularly coordinating with leading service
         represented in STIX (Structured Threat Information   providers and product vendors within and outside the
         expression) is communicated through TAXII (Trusted   country to obtain advance information on latest cyber
         Automated Exchange of Intelligence Information) protocol  threats and attack trends and devise appropriate proactive
         over HTTPS.                                          and preventive measures.


         The information shared as CTI by CERT-In assists in the  CERT-In is an operational member of Asia Pacific Computer
         technical, operational, tactical and strategic defence of  Emergency Response Teams (APCERT). CERT-In is the
         network-based assets.                                convener of two working groups across APCERT namely “IoT
                                                              Security working group” and “Secure Digital Payments
         The goals of CTIX are:                               working group” to address security threats and evolve best
                                                              practices to secure these domains. The first report of the
         •   Enable timely and secure sharing of threat information
             by CERTt-In, in cyber defender communities in Indian  “Secure Digital Payments” working group was completed
             Cyber Space and International Trust Partners.    and circulated to the APCERT operational members.
         •   Enable organization to anonymously share intelligence  CERT-In is also member of various other working groups
             back with CERT-In                                under APCERT such as Information sharing working group,
         •   Emerge as a Centre of Excellence in Cyber threat  Drill working group, Malware Mitigation working group,
             intelligence and acts as National Cyber threat   Training Working Group and Tsubame Working Group,
             Intelligence Data Store for various stakeholders to  Forum of Incident Response and Security Teams (FIRST) &
             collaborate and share.                           Global Research Partner Anti Phishing Working Group
                                                              (APWG).
         CERT-In via CTIX distributed details to its constituency
         regarding 14 malicious campaigns, recommended 5 course  Upgradation of Infrastructure
         of action, provided details of 126 threat actors, made  DNS servers have been upgraded with latest hardware and
         available facts related to 42,089 malicious domains, 6,17  security features. With the increase in user data base and
         lakh malicious IPs, 35,043 malicious URLs and 539    need of more storage space due to enhanced applications
         vulnerabilities being exploited by malicious actors.  and users the storage area network has been augmented
                                                              with the latest flash technology which has reduced the
         Cooperation and Collaboration                        response time and increased storage capacity. Additional
         Strengthening cooperation with all stakeholders to   security equipment have been integrated with the unified
         effectively deal with cyber security issues has been one of  threats management system to handle malicious zero day
         the main focus areas of the Government. As such, this  attacks. UTM and intrusion prevention equipment at the
         aspect is being dealt with by way of security cooperation  disaster recovery site have been upgraded in order to handle
         arrangements in the form of Memorandum of            the increase volume of traffic. Automated scanning tools
         Understanding (MoU) between Indian Computer          have been deployed in the local area Network to keep the
         Emergency Response Team (CERT-In) and its overseas   active nodes free from virus and malware.
         counterpart agencies, that are willing to work together and
         share information in a timely manner for preventing cyber  Security awareness, skill development and
         attacks as well as collaborating for providing swift response  training
         to such incidents. At present such MoUs have been signed  In order to create security awareness within the
         with counterpart agencies / CERTs of United States of  government, public and critical sector organisations, CERT-
         America (USA), United Kingdom, Japan, South Korea,   In regularly conducts trainings/workshops to train officials
         Australia, Malaysia, Singapore, Canada, Vietnam,     of Government, critical sector, public sector industry,

                                "Some breakups are the breakthroughs you've been praying for."



         56    PR COMMUNICATION AGE   July - December 2020
   51   52   53   54   55   56   57   58   59   60   61