India is set to take steps to protect itscyber infrastructure and designate agencies for carrying out offensive cyber attacks on other countries. The move comes at a time when proof shows countries launching cyber attacks – not only for intelligence gathering – and many nations describing the attacks as an act of war.
According to sources, the National Security Council(NSC) headed by Prime Minister Manmohan Singhwould soon approve the comprehensive plan and designate the Defence Intelligence Agency (DIA) and National Technical Research Organization (NTRO) as agencies for carrying out offensive cyber operations, if necessary. All other intelligence agencies would be authorized to carry out intelligence gathering abroad, but not offensive operations, sources said.
The detailed policy for national cyber infrastructure protection is presently before the NSC awaiting its approval. The policy would identify all government agencies that would have a role in the protection of Indian cyber infrastructure and define their roles.
The move to not just define defensive mechanism but also designate agencies for offensive operations comes as New Delhi tackles repeated waves of cyber intrusions, though all of them are aimed at gathering information from critical networks. But the next stage, of an adversary carrying out offensive cyber attack, of bringing down a power grid, stalling air traffic control systems, or manipulating controls of a dam are now believed to be a real possibility.
Stuxnet, the cyber worm created by US’s National Security Agency and Israeli military and specifically targeted at Iran’s nuclear enrichment center at Natanz, was found to have infected Indian systems. “It was probably unintentional, but an intentional attack on India’s critical infrastructure cannot be ruled out,” says a senior official. “We haven’t yet seen a cyber attack, but only intelligence gathering. An attack that can debilitate our infrastructure is what we must be prepared for,” he said.
CERT-IN (Computer Emergency Response Team India) would be responsible for protection of most of the cyber space, while NTRO would be tasked to protect the critical infrastructure such as important government networks. NTRO would be tasked to create the National Critical Information Infrastructure Protection Centre (NCIPC), which would be a command-and-control centre for monitoring the critical infrastructure. It would be a round-the-clock centre, providing real time response to cyber security breaches.
The proposal before NSC also envisages creation of sectoral CERTs in order to respond quickly to protect power distribution networks, Air Traffic Controls, traffic networks and other areas that heavily dependent on networked systems, and thus are susceptible to attacks.
The policy suggests that the defence forces would be responsible for their own networks’ protection.
NTRO and Intelligence Bureau (IB) would primarily be responsible for security of various government networks. While NTRO would operate through NCIPC, IB would be mainly looking at the physical security of networks. State polices, CBI, NIA etc would be tasked to do follow up action, if any intrusions are detected.