India Hacked! Part III -- Building Shadow Armies

[InfoSec News <alerts () infosecnews org>]

http://www.theindiasite.com/india-hacked-part-iii-building-shadow-armies/

By Ulrik McKnight
The India Site
Sept 21, 2011

India’s Shadow Army -- More A Shadow Than An Army?

Shaken up by massive data losses, the Indian government has begun to 
take action. As NTRO Officer on Special Duty Pukhraj Singh told The 
India Site in an exclusive interview: "Recent developments include the 
public release of a cybersecurity policy by the Ministry of 
Communications and IT. Also, CERT-IN, NIC and ministers managing the IT 
portfolio have become more active."

Pukhraj Singh points out that several groups within the Government work 
on cybersecurity. They are naturally hesitant to share details of their 
operations, but public sources provide some insight.

NTRO, the National Technical Research Organisation, functions at the 
highest level from within the Prime Minister’s Office. NTRO is thought 
to be building an exceptional team with access to high-end technology. 
But reports suggest it isn’t progressing smoothly. A much needed draft 
cybersecurity policy enforceable by law (or an executive directive) was 
lost in a sea of bureaucracy and not implemented. Worse, NTRO is 
embroiled in scandal after an audit by the Comptroller and Auditor 
General reportedly found large-scale irregularities in procurement. NTRO 
chose to defend itself by invoking national security as an excuse not to 
share information on this.

CERT-IN, the Indian Computer Emergency Response Team, is a central 
agency built to respond to computer security incidents. It is reportedly 
a small, underpaid organization dependent upon contract employees rather 
than permanent staff.

[...]

_____________________________________________________________
Register now for the #HITB2011KUL - Asia's premier
deep-knowledge network security event now in it's 9th year!
http://conference.hitb.org/hitbsecconf2011kul/