LLMpedia: The first transparent, open encyclopedia generated by LLMs

Indian Computer Emergency Response Team

Generated by GPT-5-mini
Note: This article was automatically generated by a large language model (LLM) from purely parametric knowledge (no retrieval). It may contain inaccuracies or hallucinations. This encyclopedia is part of a research project currently under review.
Name: Indian Computer Emergency Response Team
Formed: 2004
Jurisdiction: India
Headquarters: New Delhi
Parent agency: Ministry of Electronics and Information Technology

The Indian Computer Emergency Response Team is the national cybersecurity agency responsible for incident response, vulnerability coordination, and advisory dissemination for information technology infrastructure across India. It operates as a nodal agency for responding to computer security incidents, coordinating with electronic commerce platforms, telecommunications carriers, critical infrastructure operators such as Power Grid Corporation and NTPC, and transportation operators including Indian Railways. The agency issues alerts, guidelines, and frameworks to public sector undertakings, private corporations, and academic institutions such as the Indian Institutes of Technology.

History

The organisation traces its roots to rapid digitalisation and high-profile cyber incidents in the early 2000s that affected institutions like State Bank of India and information repositories at the National Informatics Centre. Established in 2004 under the aegis of the Department of Electronics and Information Technology and later aligned with the Ministry of Electronics and Information Technology, it evolved alongside national initiatives including Digital India and the rollout of Aadhaar. Major milestones include the publication of national incident response protocols, the introduction of sectoral security advisories following attacks on Indian banks and electoral infrastructure, and the development of a national vulnerability database modelled on international counterparts such as CERT/CC and US-CERT.

Organisation and Governance

The agency functions under the administrative control of the Ministry of Electronics and Information Technology and coordinates with statutory bodies like the Reserve Bank of India for financial-sector advisories and the Election Commission of India for electoral cybersecurity. Its governance involves technical advisory panels comprising representatives from research institutions such as the Indian Statistical Institute, academic networks including the National Knowledge Network, and industry stakeholders like Tata Consultancy Services and Infosys. Regional nodal centres liaise with state-level agencies, metropolitan police cyber cells including the Mumbai Police Cyber Cell and Delhi Police Cyber Cell, and critical infrastructure operators such as Bharat Sanchar Nigam Limited.

Functions and Services

The agency provides incident handling services, vulnerability coordination, threat intelligence dissemination, and capacity building via training programmes with institutions like the Indian Computer Emergency Response Team Training Academy and collaborations with international entities such as INTERPOL and FIRST. It maintains databases of known malware signatures, coordinates disclosure with software vendors including Red Hat and Microsoft, and publishes advisories on threats like ransomware incidents affecting utilities and supply chain compromises involving firms such as Wipro and HCLTech. Services include emergency response hotlines used by corporate registrants, secure communication channels with ministries like the Ministry of Home Affairs and Ministry of Defence, and guidance for information-sharing by telecommunications providers including Bharti Airtel and Reliance Jio.

Incident Response and Operations

Operational workflows cover detection, analysis, containment, eradication, and recovery in coordination with partners such as law enforcement agencies, forensic laboratories like the Centre for Development of Advanced Computing, and international CERTs including JPCERT/CC. High-profile operations have involved response to supply chain incidents, distributed denial-of-service attacks targeting telecom backbones, and malware campaigns affecting academic networks at universities like Jawaharlal Nehru University. The organisation publishes periodic situational reports, issues indicators of compromise for security operations centres at banks regulated by the Reserve Bank of India, and supports digital forensics for prosecutions handled by courts including the Supreme Court of India.

Collaboration and Partnerships

The agency engages in multilateral and bilateral cooperation with organisations such as NATO Cooperative Cyber Defence Centre of Excellence, ENISA, CISA, and regional partners like Singapore’s Computer Emergency Response Team. Domestic partnerships span private-sector firms (for example, Wipro, Tata Consultancy Services, Infosys), academia including Indian Institutes of Information Technology, and sector regulators like the Insurance Regulatory and Development Authority of India. It participates in exercises with law enforcement agencies including the Central Bureau of Investigation and customs authorities to address cross-border cybercrime and transnational fraud.

The agency’s mandate is framed by national instruments and advisories issued by the Ministry of Electronics and Information Technology and intersects with statutes such as the Information Technology Act, 2000. It issues legally influential directions to telecom operators regulated by the Telecom Regulatory Authority of India and guidance that informs compliance obligations for financial entities overseen by the Reserve Bank of India. Policy outputs include baseline security frameworks for critical information infrastructure designated under sectoral lists maintained with the National Critical Information Infrastructure Protection Centre.

Criticism and Controversies

The organisation has faced scrutiny over issues such as clarity of legal authority, timeliness of advisories during major incidents affecting entities like Yes Bank and Indian Power Sector operators, and transparency in disclosure practices. Critics from civil society organisations including Software Freedom Law Center and academic commentators at institutions like Centre for Internet and Society have debated its interaction with privacy norms tied to programmes such as Aadhaar and the potential for tension with digital rights advocated by groups like Internet Freedom Foundation. Concerns have also been raised about resource allocation relative to rising threats and coordination challenges with state police and private cybersecurity vendors.
