/dq/media/agency_attachments/UPxQAOdkwhCk8EYzqyvs.png)
Follow UsWith convergence bringing various digital devices under the umbrella of
Internet, virus attacks have gone past the PC system and have entered mobile
handheld devices as well. The convergence of digital devices has also increased
the vulnerability levels of various software, hardware, and even mobiles. Indian
Computer Emergency Response Team (CERT-In) is fully committed towards promoting
the adoption of security policy by various organizations in the region. Zia
Askari of CyberMedia News spoke with CERT-In Dy CCA and director, Dr KK Bajaj,
about the various security threats.
What is the focus for the organization?
CERT has created a security compliance framework under which government
organizations and critical infrastructure agencies should adopt and implement
security policies, and third party auditors should audit their computer systems
and networks. The purpose of CERT-In is to become the nation's most trusted
referral agency for responding to computer security incidents as and when they
occur.
What kind of awareness have you been able to generate in the government
segment?
With a lot of state governments' developing projects on e-governance
today, there is a lot of activity within the government. This requires a lot of
initiatives to be taken at the computer security level. Efforts are now being
made to increase the awareness levels.
Now we have PDAs, and mobile phones or smart devices, which frequently
touch Internet and are vulnerable. How do you plan to deal with this situation?
Yes, this is one of the biggest challenges for an organization like ours.
With convergence happening everywhere, devices like smart phones and PDAs are
now very much at the same level of vulnerability as a PC or a notebook. We keep
coming out with specific guidelines to help consumers get rid of viruses or
prevent such attacks to take place. At present we are working on cutting edge
topics like the 'SpyWare,' 'Cabir,' and 'Phishing.'
|
/dq/media/post_attachments/e105f105bbcd4348dfaef24afed97d0d9b97bf585df11347284f7dd524b8517b.jpg)
We are in the process of finalizing a market survey to find out about various
vulnerabilities in mobiles. The Indian market doesn't have much of the Symbian
platform mobile handsets. So, not much has happened in India when it comes to
mobile virus attacks, but we would be submitting a guideline on this very
shortly.
How can an organization secure itself from cyber attacks?
This is a very difficult question to answer. But still we always try our
best to communicate the vulnerabilities of a particular software application or
program. Properly configured and well-patched systems are less vulnerable when
it comes to virus attacks. An intrusion is indeed preventable, provided
effective security measures are taken by system administrators to plug known
vulnerabilities, and appropriate counter measures are taken against the virus
attacks. Cyber security incidents should be reported by victim organizations to
CERT-In, so we can help them contain damage for such intrusions, and restore
systems back to operation in a short time. Moreover, this helps us in becoming a
repository of security incidents, which can be shared with all the other
organizations in the country so that similar incidents do not affect others.