Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label IT Ministry. Show all posts

As Deepfake of Sachin Tendulkar Surface, India’s IT Minister Promises Tighter Rules


On Monday, Indian minister of State for Information Technology Rajeev Chandrasekhar confirmed that the government will notify robust rules under the Information Technology Act in order to ensure compliance by platform in the country. 

Union Minister, on X, expressed gratitude to cricketer Sachin Tendulkar for pointing out the video. Tendulkar, in X, for pointing out the video, said that AI-generated deepfakes and misinformation are a threat to safety and trust of Indian users. He notes that platforms must comply with advisory issued by the Centre. 

"Thank you @sachin_rt for this tweet #DeepFakes and misinformation powered by #AI are a threat to Safety&Trust of Indian users and represents harm & legal violation that platforms have to prevent and take down. Recent Advisory by @GoI_MeitY requires platforms to comply wth this 100%. We will be shortly notifying tighter rules under IT Act to ensure compliance by platforms," Chandrasekhar posted on X

On X, Sachin Tendulkar was seen cautioning his fans and the public that aforementioned video was fake. Further, he asked viewers to report any such applications, videos and advertisements. 

"These videos are fake. It is disturbing to see rampant misuse of technology. Request everyone to report videos, ads & apps like these in large numbers. Social media platforms need to be alert and responsive to complaints. Swift action from their end is crucial to stopping the spread of misinformation and fake news. @GoI_MeitY, @Rajeev_GoI and @MahaCyber1," Tendulkar said on X.

Deepfakes are artificial media that have undergone digital manipulation to effectively swap out one person's likeness for another. The alteration of facial features using deep generative techniques is known as a "deepfake." While the practice of fabricating information is not new, deepfakes use sophisticated AI and machine learning algorithms to edit or create visual and auditory content that is easier to trick.

Last month, the government urged all online platforms to abide by the IT rules and mandated companies to notify users about forbidden content transparently and accurately.

The Centre has asked platforms to take urgent action against deepfakes and ensure that their terms of use and community standards comply with the laws and IT regulations in force. The government has made it abundantly evident that any violation will be taken very seriously and could result in legal actions against the entity.  

Increasing Cyber Attacks Prompt the IT Ministry to Beef Up the E-mail Security

 


A new report released by the Ministry of Electronics and Information Technology (MeitY) has suggested that the ministry is looking into strengthening the security of its email system in light of the increasing number of cyberattacks.

NIC has issued a Request for Proposals (RFP) to select a system integrator to maintain the existing email setup, add additional security framework support, and integrate an additional infrastructure into the existing setup. The government is seeking to select a system integrator that will be able to perform these tasks.

There is a Network Information Centre (NIC), under the jurisdiction of MeitY, which meets the government's information and communication technology (ICT) requirements at all levels, designs and develops IT systems for the government, and so forth.

"With the rapid adoption of emerging technologies, here comes a new generation of cyberattacks that are complex and targeted. As a result, cyberattacks targeting government email infrastructure are increasing exponentially," reported the NIC.

"To address the issue of advanced threats and cyberattacks, the security of the existing email service will have to be enhanced to provide a secure communication channel, deploying state-of-the-art security software and features to ensure effective and reliable communication," the NIC said in its RFP.

It has been reported that Moneycontrol has contacted the NIC with additional questions in this regard and the article regarding the same will be updated when a reply will be received from the NIC.

As part of the proposed additional security, it will be necessary to acquire threat intelligence software that supports the integration of third-party security to secure virtual machines from viruses, malware, etc.

The software must be able to detect malware that is not only capable of highlighting threat indicators but also capable of analyzing them.

It was stated in the RFP that "the information should include, among other things, background information on the threat actors and attack methods associated with specific indicators and artefacts that are linked to the threat actors."

As part of the threat intelligence collection process, it should also be capable of providing threat intelligence reports. These may include information such as the goal of the cyber attacker, variants of the threat, the outcome of a cyberattack, and so on.

The security measures for the government's email infrastructure will also include the implementation of HIPS (host intrusion prevention system), which monitors security across physical and virtual servers.

According to the RFP, the company will also acquire a security gateway that supports email security solutions that integrate inbound and outbound defences against email threats. These defences integrate inbound and outbound security analytics.

The RFP stated: "Potentially, the solution should be able to protect the company from zero-day and targeted attacks and be able to dynamically analyze messages attachments for malware without sending files to the cloud," according to the document.

"It is essential that the email security appliance be able to produce a PDF file containing a print-safe version of a message attachment that has been detected as malicious or suspicious."


Analyzing the security situation


Apart from that, the system integrator should also conduct an audit of the email architecture. This includes evaluating the email solution, changes in the design, changes in the operating system, and so on, as well as an assessment of the whole email environment.

There will also be a requirement for the system integrator to conduct a data audit of the email platform that is used by the government. According to the NIC, this is following any major feature changes, patch upgrades, and security fixes that are scheduled for the upcoming month.

Cyberattacks on government entities have increased in recent years


There has been an increase in the number of cyberattacks on the government, especially on the email infrastructure that the government uses as a communication tool.

According to a report in the Indian Express in December, several employees of various central ministries received mysterious emails from the nic. in the domain, which implied the death of Gen. Bipin Rawat had been caused by an "internal hand." From the nic. in the domain, the email claimed to be from a secret service agent.

A phishing attempt was carried out through compromised domain email IDs to try and lure officials of the Centre into clicking on the unsolicited link.

There was a similar cyberattack that took place in October last year when Prime Minister Narendra Modi visited the United States. A compromised email account belonging to the government was used in the attack.