Why in News?

• CERT-In has conveyed that DTrack, a virus which originated in North Korea, is the weapon used in the cyber-attack on Kudankulam Nuclear Power Plant.

About DTrack Virus:

• DTrack is used by hackers to attack financial and research centres in India. Its earlier version ATM DTrack was designed to hack ATMs in India.
• “The malware was designed to be planted on the victim’s ATMs, where it could read and store the data of cards that were inserted into the machines.

About CERT-In:

• The Indian Computer Emergency Response Team (CERT-In) is nodal government agency that deals with cyber security threats like hacking and phishing in India.
• It was established in 2004 and comes under the aegis of Union Ministry of Electronics and Information Technology.

Objectives:

• Protect Indian cyberspace and software infrastructure against destructive and hacking activities.
• Strengthen security-related defence of the Indian Internet domain. Issue guidelines, vulnerability notes, advisories, and whitepapers regarding to information security practices, prevention, procedures, response and reporting of cyber security incidents.

Different types of Malware:

• Malware is the shortened form of malicious software. It is the general term for any program that is designed to damage, disrupt, or hack a device. Malware includes viruses, ransomware, spyware, Trojan, adware, etc.
• Viruses are malicious pieces of code that infect your device without your knowledge. They can affect your device’s performance, delete files, send spam, and even corrupt your hard drive. They multiply and spread to other machines, often before you’re aware of an infection.
• Ransomware is malicious programs that block access to your device until you pay a ransom fee to its creator. It is often very difficult and expensive to remove.
• Spyware is software that spies on you, tracking your internet activities in order to send advertising (Adware) back to your system.
• Worm is a program that replicates itself and destroys data and files on the computer. Worms work to “eat” the system operating files and data files until the drive is empty.
• Trojan is a type of malware that are written with the purpose of discovering your financial information, taking over your computer’s system resources, and in larger systems creating a “denial-of-service attack” which is making a machine or network resource unavailable to those attempting to reach it. Example: Google, AOL, Yahoo or your business network becoming unavailable.

Dealing with Cyber-Attacks on critical infrastructure:

• Nuclear power plants aren’t the only critical infrastructure in operation. As India digitises further, it will mean that there are more surfaces for attacks.
• India is centralising datasets, and connecting them together. Example: Aadhaar, the largest biometric database in the world; state resident data hubs with citizen data; the National Health Information Network with electronic health records is being planned; UPI; NATGRID with a plan to connect multiple databases together etc.
• As more critical infrastructure is set up, the risk of crippling critical parts of India’s security and economic infrastructure increases.
• Cyber-attacks are here to stay, and how the nation responds to them needs to be given due consideration.
• Defining global conventions around cyber-attacks something like a global agreement around the digital space, akin to a digital Geneva convention on cyber warfare could help. A minimum agreed-upon list of norms on what states must absolutely not do to other states and citizens is needed.
• India should consider strengthening its Computer Emergency Response Teams (CERT), and empowering sectoral CERTs. Working with the private sector to enhance capacity and manpower related to cyber security will help develop local capabilities.