Page 145 - DCAP306_DCAP511_E-COMMERCE_AND_E-BUSINESS
P. 145
E-Commerce and E-Business
It identifies patterns in intruder activity and works with other security organizations to resolve major
security issues. It also publishes many advisories, guidelines, and best practices to promote awareness
about security among the cyber community.
11.3.2 Functions of CERT-In
Under Section 70-B (4), as inserted by the recent Information Technology (Amendment) Act, 2008,
CERT-In has been designated to serve as the national agency to perform the following functions in the
area of cyber security:
1. Collection, analysis, and dissemination of information on cyber incidents.
2. Forecast and alerts of cyber security incidents.
3. Emergency measures for handling cyber security incidents.
4. Coordination of cyber incidents response activities.
5. Issue guidelines, advisories, vulnerability notes, and whitepapers relating to information security
practices, procedures, prevention, response, and reporting of cyber incidents.
For carrying out the activities, the CERT-In has been vested with authority to give directions to the
service providers, intermediaries, data centers, and any other person.
11.4 Summary
• A cyber threat is an intended or unintended illegal activity that could lead to unpredictable,
unintended, and adverse consequences on a cyberspace resource.
• Cyber attacks can be categorized as network based and executable based attacks.
• Executable based attack happens when a program is executed on the target computer system
through either of the following - virus, Trojan, worm, and spam.
• Cyber attacks are commonly directed towards economic and financial institutions.
• The first recorded cybercrime took place in the year 1820.
• Proper reporting of cybercrimes helps the policy makers to know about the trends and to allocate
resources to adequately tackle newer crimes.
• Governments should engage academic institutions to educate the common man about the dangers
of cybercrime.
• Indian Computer Emergency Response Team (CERT-In) is a government-mandated information
technology (IT) security organization that is responsible for handling computer security incidents,
reports on vulnerabilities. It also promotes effective IT security practices throughout the country.
11.5 Keywords
Computer Vandalism: Computer vandalism is a program that performs malicious functions such as
extracting a user's password, other data, or erasing the hard disk.
Defamation: It is a false communication that harms the reputation of an individual, business, product,
group, government, or nation. The claim may be expressly stated or implied to be factual.
Self-replicating: It is the ability to produce copies of itself.
Spyware: Software installed unintentionally, that intercepts personal data and transmits the information
to a third-party for commercial gain.
11.6 Self Assessment
1. State whether the following statements are true or false:
(a) Virus attacks modify normal program in order to perform fraudulent activities in addition to
the usual function of the program.
138 LOVELY PROFESSIONAL UNIVERSITY
