The Narendra Modi government is getting a new system to counter cyber-attacks with its IT arm, with the National Informatics Centre (NIC) saying the government’s data is at threat from “nation state actors”.
News18 has accessed an NIC document regarding the plan to procure the new technology called a ‘Log Analytics Platform’ that will enable it to counter and mitigate cyber-attacks in time. “The quantum of government data and services, hosted/delivered through NIC’s ICT infrastructure, makes NIC one of the most lucrative targets for cyber-attacks by threat actors, including nation state actors,” the document says.
Chinese and Pakistani agencies have been long suspected to be behind many cyber-attacks on government servers.
The document says that the rapid adoption of emerging technologies has introduced advanced and dynamic cyberattacks. It adds that such sophisticated and targeted attacks are crafted to impact the government IT infrastructure and they are “increasing exponentially”.
NIC’s pan-India network serves as the backbone for the government’s Information and Communication Technology (ICT) services across the country, and NIC also manages the information security for the services hosted in NIC. The NIC will now build security teams at the central level to monitor the logs across the ICT infrastructure of NIC and places where NIC provides its services.
Logs Are Crucial
Logs are the key source of information which can be leveraged for cyber analytics, troubleshooting, threat hunting, health or performance monitoring, detecting and mitigating cyber-attacks or incidents, the document says.
“NIC plans to establish a log analytics platform, which can collect, ingest, enrich or transform, process and analyse logs on a petabyte scale. The platform shall integrate with the ICT infrastructure components of NIC, along with the threat intelligence, security automation and response solutions. Collectively, the platform is envisaged to help NIC get a 360-degree view of its cyber threat landscape and detect threats early and mitigate them quickly,” it says.
Log management solutions will be set up at NIC’s NDC in New Delhi and other NDCs of NIC in Bhubaneswar, Pune and Hyderabad. The system will have threat intelligence feeds on malicious IPs, domains, hashes and from the dark web. The feeds harvested will not be limited to only English-speaking sources but also be collected and interpreted from non-English sources like “Mandarin, Arabic, Russian, Korean, Urdu and Farsi”.
The threat intelligence would also be able to provide insight into how attackers and campaigns are organised and what targets are being attacked and, in addition, guidance on how to protect the organization from the attacks. A fully on-premises Threat Intelligence Platform (TIP) for consuming the threat intelligence will be set up at the NIC.
Comments
0 comment