Cybersecurity Incident Reporting: Obligations for Data Centers and Body Corporates in India

www, Web/Internet & Cyber Laws
Cybersecurity Incident Reporting

Types of cybersecurity incidents mandatorily to be reported by service providers, intermediaries, data centers, body corporate and Government organizations to CERT-In in India

[Rule 12(1)(a) of The Information Technology (The Indian Computer Emergency Response Team and Manner of Performing Functions and Duties) Rules, 2013 (https://www.meity.gov.in/writereaddata/files/G_S_R%2020%20%28E%292_0.pdf) ]

1. Targeted scanning/probing of critical networks/systems

2. Compromise of critical systems/information

3. Unauthorised access of IT systems/data

4. Defacement of website or intrusion into a website and unauthorised changes such as inserting malicious code, links to external websites etc.

  • Malicious code attacks such as spreading of virus/worm/Trojan/Bots/ Spyware/Ransomware/Cryptominers
  • Attack on servers such as Database, Mail and DNS and network devices such as Routers
  • Identity Theft, spoofing and phishing attacks
  • Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks

5. Attacks on Critical infrastructure, SCADA and operational technology systems and Wireless networks

  • Attacks on Application such as E-Governance, E-Commerce etc.
  • Data Breach
  • Data Leak
  • Attacks on Internet of Things (IoT) devices and associated systems, networks, software, servers
  • Attacks or incident affecting Digital Payment systems
  • Attacks through Malicious mobile Apps
  • Fake mobile Apps
  • Unauthorised access to social media accounts
  • Attacks or malicious/ suspicious activities affecting Cloud computing systems/servers/software/applications
  • Attacks or malicious/suspicious activities affecting systems/ servers/ networks/ software/ applications related to Big Data, Block chain, virtual assets, virtual asset exchanges, custodian wallets, Robotics, 3D and 4D Printing, additive manufacturing, Drones 
  • Attacks or malicious/ suspicious activities affecting systems/ servers/software/ applications related to Artificial Intelligence and Machine Learning

The Cybersecurity incidents can be reported to CERT-In via

Email – incident@cert-in.org.in
Phone – (1800-11-4949)
Fax – (1800-11-6969).

Vijay Pal Dalmia

By:

Vijay Pal Dalmia, Advocate
Supreme Court of India & Delhi High Court
Email id: vpdalmia@gmail.com
Mobile No.: +91 9810081079

If you found this article helpful

You may be interested in Vijay Pal Dalmia, Advocate, along with Siddharth Dalmia, Advocate‘s book, “A Guide to the Law of Money Laundering”. This comprehensive guide provides even more in-depth information on how to recognize and prevent money laundering. It’s packed with practical tips and advice for staying one step ahead of financial criminals.

Get Yours Today!

Related Posts

Submit a form.

Related Posts

Subscribe
Subscribe
Scroll to Top