
Computer Emergency Response Team (CERT-In)

Generated by GPT-5-mini
Note: This article was automatically generated by a large language model (LLM) from purely parametric knowledge (no retrieval). It may contain inaccuracies or hallucinations. This encyclopedia is part of a research project currently under review.
Name: Computer Emergency Response Team (CERT-In)
Formed: 2004
Jurisdiction: India
Headquarters: New Delhi
Parent agency: Ministry of Electronics and Information Technology

Computer Emergency Response Team (CERT-In) is the national computer emergency response organisation responsible for information security incident handling, vulnerability handling, and coordination of cyber security events in India. Established to strengthen national resilience against cyber threats, CERT-In operates within New Delhi and interacts with a range of domestic and international institutions. It plays a central role in incident response, advisories, and capacity building for public and private sector stakeholders across the National Informatics Centre, state governments of India, Indian Computer Emergency Response Team-related entities, and sectoral regulators.

History

CERT-In was constituted in 2004 following recommendations by policy-makers seeking a nodal agency for cyber security after several high-profile incidents exposed vulnerabilities in national infrastructure. Its formation occurred in the context of escalating cyber incidents that involved actors linked to Operation Aurora, Conficker, and regional intrusions affecting institutions such as the Indian banking system and telecommunications companies. Over time, CERT-In expanded its capabilities through programs inspired by practices at the United States Computer Emergency Readiness Team, the United Kingdom National Cyber Security Centre, and the European Union Agency for Cybersecurity. Significant milestones include the issuance of the first national advisories, the establishment of incident reporting frameworks aligning with norms from the International Telecommunication Union, and the development of training initiatives with CERT/CC and academic partners like the Indian Institutes of Technology.

CERT-In derives its mandate from policy instruments and administrative orders issued by the Ministry of Electronics and Information Technology. Its statutory authority and operational role intersect with laws and regulations such as the Information Technology Act, 2000 and subsequent amendments, under which directions and directives on cyber security are issued. The organisational structure comprises departments responsible for incident response, security audit, predictive analytics, and capacity building, reporting to senior officials within the Ministry of Electronics and Information Technology. CERT-In liaises with sectoral regulators including the Reserve Bank of India, the Securities and Exchange Board of India, and the Telecom Regulatory Authority of India, and with law-enforcement agencies such as the Central Bureau of Investigation and the National Investigation Agency for enforcement, forensics, and prosecution support.

Functions and services

CERT-In issues advisories, alerts, and vulnerability notes addressing threats from malware strains, Advanced Persistent Threats linked to campaigns like Pegasus, and botnets akin to Mirai. It provides incident handling services, coordination for information sharing with organisations such as the National Critical Information Infrastructure Protection Centre, and forensic support in breach investigations involving actors like Lazarus Group or groups associated with geopolitical campaigns. CERT-In runs capacity-building programs with universities including the Indian Institute of Science, conducts cyber exercises with institutions like the Indian Air Force and the Indian Navy, and publishes guidelines for secure configurations used by State Bank of India, Bharat Sanchar Nigam Limited, and other critical entities. Its services include threat intelligence feeds, periodic vulnerability disclosures, and secure coding advisories relevant to platforms such as Android, Microsoft Windows, and the Linux kernel, and to enterprise applications like Oracle Database and SAP SE.

Major incidents and responses

CERT-In has coordinated responses to a range of incidents including large-scale data breaches affecting government portals and private enterprises, targeted intrusions against financial institutions including incidents comparable to those that affected SWIFT users globally, and ransomware outbreaks that echoed incidents like WannaCry and NotPetya. In each event, CERT-In issued advisories, coordinated mitigation steps with affected entities such as Aadhaar implementing agencies, and collaborated with international partners including Interpol and the United States Department of Homeland Security for attribution and remediation. Notable engagements include the response to intrusion campaigns exploiting Apache Struts vulnerabilities, mitigation advisories for Microsoft Exchange Server compromises, and national-level alerts during election-related disinformation operations tied to platforms like Twitter and Facebook.

Collaborations and partnerships

CERT-In maintains bilateral and multilateral engagements with peer organizations including the United States Computer Emergency Readiness Team, CERT-EU, the Japan Computer Emergency Response Team Coordination Center, and the Asia Pacific Computer Emergency Response Team network. It partners with academic institutions such as the Indian Institutes of Technology, the Indian Statistical Institute, and the National Institute of Technology for research, and with industry bodies like the National Association of Software and Service Companies and the Confederation of Indian Industry for outreach. CERT-In participates in exercises and information sharing frameworks with the Global Forum on Cyber Expertise and the International Telecommunication Union, and with law enforcement through liaison with Europol and Interpol.

Criticism and controversies

CERT-In has faced criticism over mandated directives that require interception, data retention, and reporting timelines perceived as stringent by technology firms and civil society groups such as the Internet Freedom Foundation and digital rights advocates. Controversies have arisen regarding the scope of powers under the Information Technology Act, 2000 and guidance on encryption that drew responses from multinational companies including Google, Microsoft Corporation, and WhatsApp. Debates have also focused on transparency in incident disclosures, the timeliness of advisories during events impacting platforms like Air India booking systems or large-scale portals, and coordination challenges highlighted in audits by independent reviewers including think-tanks such as the Observer Research Foundation and the Centre for Internet and Society.
