Why is it in the news?
- CERT-In (Computer Emergency Response Team – India) has been exempted from the Right to Information Act (RTI), 2005.
- There are 26 other intelligence and security organizations established by the Central government that are also exempted under RTI, including the Intelligence Bureau, Research and Analysis Wing, Directorate of Enforcement, and National Technical Research Organisation.
About CERT-In
- CERT-In is a nodal agency under India’s Ministry of Electronics and Information Technology.
- It was established in 2004 under the Information Technology Act, 2000 Section (70B).
- CERT-In works in coordination with National Critical Information Infrastructure Protection Centre NCIIPC (under NTRO and PMO) and NDMA (under the Ministry of Home Affairs) to monitor cyber-attacks, issue security guidelines, and liaise with national cybersecurity bodies.
- Some of its recent activities include hosting the ‘Synergy’ exercise in 2022 with international participation.
- CERT-In has international agreements and Memoranda of Understanding (MoUs) with countries like the UK, Korea, Canada, Australia, Malaysia, Singapore, Japan, and Uzbekistan, as well as cooperation with the Shanghai Cooperation Organisation.
- Notable incidents addressed by CERT-In include reporting the Android Jelly Bean flaw in 2014, identifying Chrome vulnerabilities in 2020, and addressing the WhatsApp vulnerability in 2021. It also investigated the cyber-attack on AIIMS in 2022.
- In 2021, CERT-In faced 11.5 million cyberattack incidents, including attacks on critical infrastructure and government entities.