Increasing Cyber Attacks Prompt the IT Ministry to Beef Up the E-mail Security

 


A new report released by the Ministry of Electronics and Information Technology (MeitY) has suggested that the ministry is looking into strengthening the security of its email system in light of the increasing number of cyberattacks.

The NIC has issued a Request for Proposals (RFP) to select a system integrator that will maintain the existing email setup, add support for an additional security framework, and integrate additional infrastructure into the existing setup.

The Network Information Centre (NIC), which falls under the jurisdiction of MeitY, meets the government's information and communication technology (ICT) requirements at all levels, designs and develops IT systems for the government, and so forth.

"With the rapid adoption of emerging technologies, here comes a new generation of cyberattacks that are complex and targeted. As a result, cyberattacks targeting government email infrastructure are increasing exponentially," reported the NIC.

"To address the issue of advanced threats and cyberattacks, the security of the existing email service will have to be enhanced to provide a secure communication channel, deploying state-of-the-art security software and features to ensure effective and reliable communication," the NIC said in its RFP.

Moneycontrol has reportedly contacted the NIC with additional questions in this regard, and its article will be updated when a reply is received from the NIC.

As part of the proposed additional security, it will be necessary to acquire threat intelligence software that supports the integration of third-party security to secure virtual machines from viruses, malware, etc.

The malware detection software must be capable not only of highlighting threat indicators but also of analyzing them.

It was stated in the RFP that "the information should include, among other things, background information on the threat actors and attack methods associated with specific indicators and artefacts that are linked to the threat actors."

As part of the threat intelligence collection process, it should also be capable of providing threat intelligence reports. These may include information such as the goal of the cyber attacker, variants of the threat, the outcome of a cyberattack, and so on.

The security measures for the government's email infrastructure will also include the implementation of HIPS (host intrusion prevention system), which monitors security across physical and virtual servers.

According to the RFP, the company will also acquire a security gateway that supports email security solutions that integrate inbound and outbound defences against email threats. These defences integrate inbound and outbound security analytics.

The RFP stated: "Potentially, the solution should be able to protect the company from zero-day and targeted attacks and be able to dynamically analyze message attachments for malware without sending files to the cloud."

"It is essential that the email security appliance be able to produce a PDF file containing a print-safe version of a message attachment that has been detected as malicious or suspicious."


Analyzing the security situation


Apart from that, the system integrator should also conduct an audit of the email architecture. This includes evaluating the email solution, changes in the design, changes in the operating system, and so on, as well as an assessment of the whole email environment.

The system integrator will also be required to conduct a data audit of the email platform used by the government. According to the NIC, this audit is to follow any major feature changes, patch upgrades, and security fixes that are scheduled for the upcoming month.

Cyberattacks on government entities have increased in recent years


There has been an increase in the number of cyberattacks on the government, especially on the email infrastructure that the government uses as a communication tool.

According to a report in the Indian Express in December, several employees of various central ministries received mysterious emails from the nic.in domain, which implied the death of Gen. Bipin Rawat had been caused by an "internal hand." Sent from the nic.in domain, the email claimed to be from a secret service agent.

A phishing attempt was carried out through compromised domain email IDs to try and lure officials of the Centre into clicking on the unsolicited link.

There was a similar cyberattack that took place in October last year when Prime Minister Narendra Modi visited the United States. A compromised email account belonging to the government was used in the attack.