National Critical Information Infrastructure Protection Centre (NCIIPC)
- March 2, 2021
- Posted by: OptimizeIAS Team
- Category: DPN Topics
No Comments
National Critical Information Infrastructure Protection Centre (NCIIPC)
Subject: Security
Context: A US cyber security firm said there was steep rise in the use of malware by a Chinese group called Red Echo to target India’s power sector organisations in 2020 when tension between India-China was high. The Centre confirmed it after NCIIPC informed it and said there was no data loss.
Concept:
- Earlier the Indian Computer Emergency Response Team (CERT-In) on November 19, 2020, informed the govt on the threat of a malware called Shadow Pad at some control centres of POSOCO (Power System Operation Corporation Ltd). T was later confirmed by NCIIPC.
- It is nodal agency to safeguard critical computer resources.
- Under Section 70A(1) of the Information Technology (Amendment) Act 2008 it has been designated for taking all measures including associated Research and Development for the protection of CIIs (Critical Information Infrastructure) in India.
- NCIIPC is driven by its mission to take all necessary measures to facilitate protection of Critical Information Infrastructure.
- It is a unit of the National Technical Research Organisation (NTRO) and is based in New Delhi.
- NCIIPC protect and deliver advice that aims to reduce the vulnerabilities of critical information infrastructure, against cyber terrorism, cyber warfare and other threats.
- Identification of all critical information infrastructure elements for approval by the appropriate Government for notifying the same.
- Provide strategic leadership and coherence across Government to respond to cyber security threats against the identified critical information infrastructure
Critical information Infrastructure
- Information Infrastructure is the term usually used to describe the totality of inter-connected computers and networks, and information flowing through them
- Certain part of information infrastructure is dedicated for management / control etc. of infrastructure providers’ e.g. Power generation, Gas/oil pipelines, or support our economy or national fabric e.g. Banking / Telecom etc., and its failure or outage on our National well-being or National Security marks them as being Critical.
- Information infrastructure supporting the operations of Critical Infrastructure (CI) designate such infrastructure as Critical Information infrastructure (CII).
- IT Act, 2000: “Critical Information Infrastructure means the computer resource, the incapacitation or destruction of which, shall have debilitating impact on national security, economy, public health or safety”.
NCIIPC has broadly identified the following as ‘Critical Sectors’:-
- Power & Energy
- Banking, Financial Services & Insurance
- Telecom
- Transport
- Government
- Strategic & Public Enterprises