Security News

India to require cybersecurity incident reporting within six hours
2022-04-29 15:07

The Indian government has issued new directives requiring organizations to report cybersecurity incidents to CERT-IN within six hours, even if those incidents are port or vulnerability scans of computer systems. The most notable new requirement is that any internet service provider, intermediary, data center, or government organization, shall report these incidents to CERT-In within six hours of noticing them.

India gives local techies 60 days to hit 6-hour deadline for infosec incident reporting
2022-04-29 10:46

India's Computer Emergency Response Team has given many of the nation's IT shops a big job that needs to be done in a hurry: complying with a new set of rules that require organizations to report 20 different types of infosec incidents within six hours of detection, be they a ransomware attack or mere compromise of a social media account. The national infosec agency stated the short deadline is needed as it has identified "Certain gaps causing hindrance in incident analysis."

India inks tech pact with EU – only the US has the same deal
2022-04-26 07:32

India's government and the European Union have signed up to create a "Trade and Technology Council" - an entity the EU has previously only created to enhance its relationship with the United States. Details of the Council's scope of operations have not been revealed, but the EU/US version of the entity works on standards for emerging technologies, tech supply chains, information security, data governance, preventing misuse of technology when it threatens security and human rights, and SME access to and use of digital technologies.

HCL and HP named in unflattering audit of India’s biometric ID system
2022-04-12 06:57

UADAI arranges for collection of the biometrics needed to create an Aadhaar - ten fingerprints, two iris scans, and a facial photograph - through enrollment agencies and registrars and provides authentication-as-a-service using Aadhaar numbers. More than a billion Aadhaar IDs have been issued and over 99 per cent of India adults have enrolled in the scheme.

Top chipmakers ignore India's semiconductor factory subsidies
2022-02-21 01:17

India has revealed the identities of companies that have applied to build semiconductor manufacturing facilities on its soil under a $10 billion subsidy scheme - and none are substantial chipmakers. As The Register reported last week, a consortium of Taiwan's Foxconn and Indian firm Vedanta committed to build a plant under the scheme, despite neither company having any previous experience in the field.

India's Reserve Bank deputy governor calls for crypto ban
2022-02-16 05:58

The deputy governor of the Reserve Bank of India, T Rabi Sankar, has delivered an extremely unflattering assessment of cryptocurrencies - worse than Ponzi schemes, wreckers of economies, and richly deserving of a ban within India. Speaking at the Indian Banks' Association's 17th Annual Banking Technology Conference, Sankar argued that cryptocurrencies are poorly named, as unlike fiat currencies they "Do not have an issuer, they are not an instrument of debt, nor commodities, nor do they have any intrinsic value."

Spot the irony: India's Reserve Bank says outsourcing and offshoring are risky
2022-02-14 03:59

The Reserve Bank of India has warned the nation's finance sector that outsourcing information technology jobs could "Expose them to significant financial, operational and reputational risks." A quick reminder: since the late 1990s, India has championed outsourcing IT services and profited mightily as a result.

Sri Lanka to adopt India’s Aadhaar digital identity scheme
2022-02-09 07:03

Sri Lanka has decided to adopt a national digital identity framework based on biometric data and will ask India if it can implement that nation's Aadhaar scheme. The island nation had previous indicated it would work with the Modular Open Source Identity Platform, an organisation based in India that offers tools governments can use to create and manage digital identities.

Amazon India execs questioned after sellers allegedly use site to smuggle marijuana
2021-11-22 03:58

Most modern chat systems are entirely proprietary: proprietary clients, talking proprietary protocols to proprietary servers. There's no need for this: there are free open standards for one-to-one and one-to-many comms for precisely this sort of system, and some venerable clients are still a lot more capable than you might remember.

India's Supreme Court starts probe into use of Pegasus spyware
2021-10-29 04:03

India's Supreme Court has taken the unusual step of commissioning a Technical Committee to investigate whether the national government used the NSO Group's "Pegasus" spyware on its citizens. Discomfort with India's use of Pegasus has bubbled along ever since, helped by several petitions that sought to determine the extend of government spyware usage, and whether or not it was constitutional.