India: Types Of Cyber Security Incidents Mandatorily To Be Reported By Service Providers, Intermediaries, Data Centers, Body Corporate And Government Organizations To CERT-In In India

Article by Vijay Pal Dalmia, Advocate, Supreme Court of India and Delhi High Court, Partner & Head of Intellectual Property Laws Division, Vaish Associates Advocates, India

[Rule 12(1)(a) of The Information Technology (The Indian Computer Emergency Response Team and Manner of Performing Functions and Duties) Rules, 2013 ( https://www.meity.gov.in/writereaddata/files/G_S_R%2020%20%28E%292_0.pdf) ]

1. Targeted scanning/probing of critical networks/systems
2. Compromise of critical systems/information
3. Unauthorised access of IT systems/data
4. Defacement of website or intrusion into a website and unauthorised changes such as inserting malicious code, links to external websites etc.
5. Malicious code attacks such as spreading of virus/worm/Trojan/Bots/ Spyware/Ransomware/Cryptominers
6. Attack on servers such as Database, Mail and DNS and network devices such as Routers
7. Identity Theft, spoofing and phishing attacks
8. Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks
9. Attacks on Critical infrastructure, SCADA and operational technology systems and Wireless networks
10. Attacks on Application such as E-Governance, E-Commerce etc.
11. Data Breach
12. Data Leak
13. Attacks on Internet of Things (IoT) devices and associated systems, networks, software, servers
14. Attacks or incident affecting Digital Payment systems
15. Attacks through Malicious mobile Apps
16. Fake mobile Apps
17. Unauthorised access to social media accounts
18. Attacks or malicious/ suspicious activities affecting Cloud computing systems/servers/software/applications
19. Attacks or malicious/suspicious activities affecting systems/ servers/ networks/ software/ applications related to Big Data, Block chain, virtual assets, virtual asset exchanges, custodian wallets, Robotics, 3D and 4D Printing, additive manufacturing, Drones
20. Attacks or malicious/ suspicious activities affecting systems/ servers/software/ applications related to Artificial Intelligence and Machine Learning

The incidents can be reported to CERT-In via

1. email (incident@cert-in.org.in),
2. Phone (1800-11-4949) and
3. Fax (1800-11-6969).

By

Vijay Pal Dalmia, Advocate

Supreme Court of India & Delhi High Court

Email id: vpdalmia@gmail.com 

vpdalmia@vaishlaw.com

Mobile No.: +91 9810081079

LinkedIn: https://www.linkedin.com/in/vpdalmia/

Facebook: https://www.facebook.com/vpdalmia

Twitter: @vpdalmia

© 2020, Vaish Associates Advocates,
All rights reserved
Advocates, 1st & 11th Floors, Mohan Dev Building 13, Tolstoy Marg New Delhi-110001 (India).

The content of this article is intended to provide a general guide to the subject matter. Specialist professional advice should be sought about your specific circumstances. The views expressed in this article are solely of the authors of this article.