NEW DELHI: The government would soon announce the appointment of the first National Cyber Security Coordinator (NCSC), stepping up its effort to put up a coordinated response to the various challenges in cyber space.
Sources said Gulshan Rai, who presently heads the Indian Computer Emergency Response Team (CERT-IN), would be named the first NCSC. The coordinator’s task would primarily be to coordinate among various agencies involved in cyber security. Rai would be based at the National Security Council Secretariat.
Sources said Rai’s appointment could precede the approval of a comprehensive cyber security plan by the Cabinet Committee on Security (CCS). The plan is in final stages with certain legal issues being clarified. Among the issues are some objections to the legal powers of the proposed National Critical Information Infrastructure Protection Centre (NCIPC), a command-and-control centre for monitoring the critical infrastructure. NCIPC is to be managed by the technical intelligence agency NTRO (National Technical Research Organisation), and could have all the powers that the CERT-IN has.
The National Security Council, headed by the Prime Minister, has already approved the plan, and it is to be placed before the CCS for the final approval. Among the proposals is to designate Defence Intelligence Agency and NTRO as agencies tasked to carry out offensive operations for India in cyber space.
The move comes at a time when governments across the world are waking up to the widespread potential of cyber threat — not just to their databases and computer networks, but also to critical infrastructure, industrial complexes and even daily lives.
Earlier last month, US defence secretary Leon E Panetta warned of a “cyber-Pearl Harbor”, a wave of attacks from foreign hackers that could cripple America’s transportation systems, power grids, financial networks etc. Panetta spoke about “cyber-actors launching several attacks on our critical infrastructure at one time, in combination with a physical attack.”
National security advisor ( NSA) Shiv Shankar Menon on October 15 also spoke about the “enormous potential for damage” from cyber arena, while releasing a study on cyber security. Menon cited the role of social media in recent riots in Assam, Mumbai etc, and said the “important thing is to create a virtuous circle of security”.
Among the steps being initiated would be delineating work among various security, intelligence and IT agencies; creation of CERT for critical infrastructure sectors (such as power and aviation) and collaborating with private sector to improve the overall preparedness. The military would be responsible for protecting its own networks, under the proposed plan.
While India has not witnessed any crippling attack on its critical infrastructure, intelligence operations to take out sensitive information from government networks is an ongoing affair, say a senior official involved in cyber security.
The warning signals of far bigger damages are already there. Indian investigators had found Stuxnet, the cyber worm created by US’ National Security Agency and Israeli military and targeted at Iran’s nuclear enrichment centre at Natanz, in Indian systems………