The Government’s malware and botnet cleaning center ‘Cyber Swachhta Kendra’ (CSK) has started working with ISPs, academia, banks and anti-virus companies to provide citizens with tools to protect data on laptops, computers and mobile phones, reports the Financial Times. According to the ministry of electronics and information technology (MeitY), the initiative currently has 13 banks and 58 ISPs using the facility, and a budget of Rs 90 crore.
Note that the Government’s botnet and malware cleaning center was soft launched in December this year. At the time, the center, set up by CERT-In (Indian Computer Emergency Response Team), said it would be responsible for helping citizens disinfect their devices of malware, botnets etc. According to CERT-In it can easily identify which IP addresses are infected since they send out bots or spam, which can then be reported to ISPs. ISPs can direct users to the CERT-In website, where they will be prompted to download an antivirus or malware for free, and disinfect their systems.
Note, as we had said before, since CERT-In can only detect outgoing attack traffic, it will be useless against viruses that look to attack a user’s system. However, if the agency works as advertised, it should help in stopping major bot networks from forming in the country and preventing DDoS attacks like the one in July that slowed down Internet traffic in Mumbai, prompting MTNL to block port 25 on its network.
Note that it’s not clear which ISPs the agency has currently partnered with, but state telcos like BSNL and MTNL might be a safe bet. It’s also worth noting that the botnet cleaning center was first mulled in 2014, with the Government proposing setting one up through CERT-In, at a cost of Rs 50 crore, as a part of India’s cyber security policy. At the time, the Government said it would partner with ISPs in the next six months, which clearly did not happen. The program was confirmed again in May 2015 with a revised budget of Rs 100 crore, although no timeline was provided then.
What about other types of cyber-crime?
While an initiative like this one should help curb the spread of botnets and malware, it does nothing to prevent or report other types of cybercrime, which the Government has proven inept at dealing with. For example, no action was taken against the Mumbai lab which callously published the lab results of over 43,000 people online without securing. Similarly, of a total 8045 cyber-crimes were reported in 2015, of which only 250 convictions were made. Overall, 11,789 cyber-crime cases are pending investigations, and over 6,435, or 90.3% of the cases are pending trials in courts.