After Threat From #Legion, Government Orders Review Of Entire IT Security

In view of the several hacking incidents in the country by hacker group ¡®Legion¡¯, the ministry of electronics and IT has ordered a series of measures, including audit of the financial sector starting immediately with the National Payment Corporation of India (NPCI), review of the IT Act to make it stronger and setting up a crack team to respond to unusual incidents on a war footing.

Reuters

Social networking site Twitter has also been asked to strengthen its network and all stakeholders of the financial industry including payment and wallet firm have been asked to immediately report any untoward incident. NPCI is an umbrella organisation for all retail payments system in India.

Union minister of electronics and IT, Ravi Shankar Prasad, said that he has ordered a review of the ¡°entire IT infrastructure¡± of India and the need of the hour is ¡°hardening¡± of the security wall.

¡°There is huge traffic flowing through the IT platforms, if there is any mishap, the systems have to be resilient and we have to take appropriate measures,¡± said Prasad.

PTI

A digital payment section has been created in CERT-In, an agency which monitors the Internet traffic on real-time basis given the ongoing momentum in cashless payments in the country.

¡°We have to be alert, there is nothing to be scared of,¡± he added. Prasad also called for a meeting of the security and technical staff of banks on Tuesday. The meeting was attended by over 50 officers from banks such as IDFC, ICICI, SBI, Canara Bank among others.

Under the IT Act it is mandatory for all institutions to report cyber incidents to CERT-In, however prompt reporting of such incidents, especially by banks has not happened in the past. Prasad said that all digital payment firms have been asked to report any unusual movement to CERT.

AFP

¡°We have sought details from all the people whose accounts have been hacked and Twitter has also been asked to strengthen its security and to pay attention to any unusual movement,¡± said Prasad.

In an online interview to ET on Monday, the hacker group had said that the Indian banking system is ¡°deeply flawed¡±. They also claimed that it has been hacked several times adding that several other groups have access to key banking institutions. The group, which has so far hacked into the Twitter accounts of Congress vice president Rahul Gandhi's, official account of Indian National Congress, liquor baron Vijay Mallya, journalists Barkha Dutt and Ravish Kumar,as well as news channel NDTV, said that NPCI, IDRBT and a popular e-wallet firm¡¯s servers are compromised and have been attacked at the root level.

Reuters

IDRBT is a technology service provider for banks in India, offering technology services that are critical for the payment systems of the country. Prasad said that the ministry has started a review of the IT Act in order to strengthen it as the Act was formed in 2000 ¨C almost 16 year ago ¨C and may have to be updated to deal with the move towards digital payments and mobile banking.

ET had reported about the intent to review the IT Act to make it more current even before the hacking incidents took place. ¡°India is going towards digital payments and we need to reinforce the entire architecture,¡± said Prasad. He added that all ministries have also been asked to appoint Central Information Security Officers apart from creating awareness among people regarding cyber security.