Niraj Dubey
The “Cyber Swachhta Kendra” is a part of the Government of India’s Digital India – Power to Empower – initiative under the Ministry of Electronics and Information Technology (MeitY) to create a secure cyber space by detecting botnet infections in India and by notifying end users and enabling them to clean and secure their systems so as to prevent further infections.
The “Cyber Swachhta Kendra” (Botnet Cleaning and Malware Analysis Centre) is set up in accordance with the objectives of the “National Cyber Security Policy”, which envisages creating a secure cyber ecosystem in the country. This centre operates in close coordination and collaboration with Internet Service Providers (ISPs) and product/antivirus companies. Its website (https://www.cyberswachhtakendra.gov.in) provides information and tools to users to secure their systems/devices. This centre is operated by the Indian Computer Emergency Response Team (CERT-In), operational since January 2004, under provisions of Section 70B of the Information Technology Act, 2000 (IT Act 2000), for analyzing BOT/malware characteristics, providing information and enabling citizens to remove BOTs/malware. The constituency of CERT-In is the Indian Cyber Community. CERT-In is the national nodal agency for responding to computer security incidents as and when they occur. In addition, “Cyber Swachhta Kendra” will strive to create awareness among citizens to secure their data, computers, mobile phones and devices such as home routers. Cyber Swachhta Kendra is real, trusted and safe, as it is being operated by the Indian Computer Emergency Response Team (CERT-In).
CERT-In has been designated to serve as the national agency to perform the following functions in the area of cyber security:
* Collection, analysis and dissemination of information on cyber incidents.
* Forecast and alerts of cyber security incidents.
* Emergency measures for handling cyber security incidents.
* Coordination of cyber incident response activities.
* Issue guidelines, advisories, vulnerability notes and whitepapers relating to information security practices, procedures, prevention, response and reporting of cyber incidents.
The “Cyber Swachhta Kendra” collaborates with DOTs, ISPs, antivirus companies and academia to detect systems infected by bots, notifies the end users of the infection of their systems and provides them assistance to clean those systems. All users and system administrators can report incidents to “Cyber Swachhta Kendra” at the CERT-In help desk regarding malicious behavior on their systems/networks, along with sufficient logs for analyzing the incident and providing the requisite support.
Cyber Swachhta Kendra will provide the services free of cost. If the user witnesses any unusual behavior such as an unknown communication sent by the system, unidentified data consumption, self-installed applications/software, etc., the computer/device should be scanned immediately with antivirus scanners or rescue disks, provided freely or commercially by different antivirus vendors, to detect malware/botnet infections. A user’s computer may be infected by a botnet/trojan (software that is capable of compromising the victim’s machine and using it for further malicious activities) and may connect to malicious servers without his/her knowledge or consent. Cyber security companies, law enforcement agencies and Computer Emergency Response Teams trace such activity while analyzing or investigating such malicious servers. Based on such analysis, it is suspected that a user’s IP address may be infected with a specific bot/malware.
After analyzing anything fishy, CSK sends an alert to the ISPs, specifying the IP addresses of infected systems which are part of a botnet and are performing malicious activities. ISPs then reach out to the owner(s) of the infected system(s) with the help of the registered IP address. A removal tool can be used by the user to detect and clean certain bots/malware residing on the infected machine. Such tools enable users to scan the machine against antivirus signatures in an automated manner, to detect the malware on the scanned machine and remove it. In general, CSK is meant to enhance the cyber security of Digital India’s IT infrastructure by providing alerts and information regarding the bot/botnet/malware infections prevalent in India, along with free-of-cost removal tools to disinfect systems, and by suggesting remedial measures so that concerned stakeholders can act in time by reporting to CERT-In at its e-mail address (incident@cert-in.org.in) and get their systems cleaned of all types of cyber infections. The author would like to conclude this article with this beautiful quote: “The five most efficient cyber defenders are: Anticipation, Education, Detection, Reaction and Resilience. Do remember: Cyber security is much more than an IT topic.”
The author is Sr. Faculty (GCET Jammu) & Cyber Passionate (J&K)