To comply with the CERT-In directive under Section 70B of the IT Act, 2000, organizations are required to report specific cyber security incidents within 6 hours of noticing such incidents or being informed about them. The reporting should be done using the prescribed format provided by CERT-In.
Types of cyber security incidents mandatorily to be reported by service providers, intermediaries, data centres, body corporate and Government organisations to CERT-In:
[Refer Rule 12(1)(a) of The Information Technology (The Indian Computer Emergency Response Team and Manner of Performing Functions and Duties) Rules, 2013]
1. Targeted scanning/probing of critical networks/systems
2. Compromise of critical systems/information
3. Unauthorised access of IT systems/data
4. Defacement of website or intrusion into a website and unauthorised changes such as inserting malicious code, links to external websites etc.
5. Malicious code attacks such as spreading of virus/worm/Trojan/Bots/Spyware/Ransomware/Cryptominers
6. Attack on servers such as Database, Mail and DNS and network devices such as Routers
7. Identity Theft, spoofing and phishing attacks
8. Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks
9. Attacks on Critical infrastructure, SCADA and operational technology systems and Wireless networks
10. Attacks on Application such as E-Governance, E-Commerce etc.
11. Data Breach
12. Data Leak
13. Attacks on Internet of Things (IoT) devices and associated systems, networks, software, servers
14. Attacks or incident affecting Digital Payment systems
15. Attacks through Malicious mobile Apps
16. Fake mobile Apps
17. Unauthorised access to social media accounts
18. Attacks or malicious/suspicious activities affecting Cloud computing systems/servers/software/applications
19. Attacks or malicious/suspicious activities affecting systems/servers/networks/software/applications related to Big Data, Block chain, virtual assets, virtual asset exchanges, custodian wallets, Robotics, 3D and 4D Printing, additive manufacturing, Drones
20. Attacks or malicious/suspicious activities affecting systems/servers/software/applications related to Artificial Intelligence and Machine Learning.