For Countering Cyber Attacks and Cyber Terrorism
March, 2019
• Introduction
• Definitions of CMP
• Purpose of CMP
• Types of Crisis
• Cyber Security Crisis, Possible targets and Impact
• Crisis Recognition, Mitigation and Management
• Structure of CMP
• Implementation of CMP
• Points for Action of CMP
• eGovernance News
Introduction
Crisis management is a critical organizational function. Failure can result in serious
harm to stakeholders, losses for an organization, or the end of its very existence. Public
relations practitioners are an integral part of crisis management teams, so a set of
best practices and lessons collected from our knowledge of crisis management
would be a very useful resource for those in public relations. Volumes have been
written about crisis management by both practitioners and researchers from many
different disciplines, making it challenging to synthesize what we know about crisis
management and public relations' place in that knowledge base. The best place to
start this effort is by defining critical concepts.
A crisis can create three related threats: 1) public safety, 2) financial loss, and 3)
reputation loss. Some crises, such as industrial accidents and product harm, can
result in injuries and even loss of lives.
Crises can create financial loss by disrupting operations, creating a loss of market
share/purchase intentions, or spawning lawsuits related to the crisis. A crisis reflects
poorly on an organization and will damage its reputation to some degree. Clearly
these three threats are interrelated. Injuries or deaths will result in financial and
reputation loss, while reputations have a financial impact on organizations.
• Covers different types of cyber crisis, possible targets and related impact, actions
and responsibilities of concerned stakeholders, and cyber incident response
coordination among Ministries/Departments of Central Government, its agencies
and Critical Information Infrastructure organizations to deal with cyber crisis
situations.
Purpose of CCMP
The Cyber Crisis Management Plan for countering cyber attacks and cyber terrorism
describes the framework for cyber incident response coordination among
Ministries/Departments of Central Government, its agencies and Critical Information
Infrastructure organizations. This crisis management plan addresses the definition and
documentation of IT & Cyber security incident management procedures for such
systems and services in the Department of Animal Husbandry and Dairying, Ministry of
Agriculture and Farmers Welfare.
The field of cyber security is technology intensive, and new vulnerabilities emerge with
advancement in technologies, giving rise to new types of incidents. As such, the plan of
response to cyber security incidents needs to be updated on a regular basis, preferably
once a year.
Structure of CCMP
The structure of Crisis Management Plan for countering Cyber Terrorism has five
sections dealing with the following:
Types of Crisis
Crises have many sources, some of which are common to all organizations. Others are
specific to certain industries. For directors, it may be helpful to consider them as fitting
into one of three groups, based on their severity, frequency and timing:
• Potential crises are serious problems that grow larger over time and become
critical if they are not addressed. They include declining sales, profits and share
prices, failure to respond to new competition, investigations by regulators, and
financial difficulties. These problems affect the long-term viability of the entire
organization and should be addressed by the CEO through the strategic planning
and risk management processes. These groupings of crises are linked. For
example: Operational crises may be symptoms of potential crises.
• Sudden crises are events that occur unexpectedly and have a major effect on
the organization. These include natural disasters, sabotage and outages of vital
services such as power, water or computers. The CEO should have plans for
managing crises and business continuity and test the plans through realistic
scenario-based simulations.
• Operational crises are the day-to-day, minor crises of running the organization
and serving individual customers. With good management these can be avoided
or promptly resolved.
Types of Crisis and Impact
1. Malware: “Malicious S/W” such as ransomware, designed to damage or control a computer system.
2. Phishing: Fake official emails (bank etc.) link to fake websites, where victims log in, giving up their passwords.
3. Man-in-the-Middle Attacks: Hackers insert themselves between your computer and the web server.
4. DDoS (Distributed Denial of Service): Network of computers overload a server with data, shutting it down.
5. Cross-Site Scripting: Inject malicious code into a website which targets the visitor’s browser.
6. SQL Injection Attacks: Corrupt data to make a server divulge data, such as credit card numbers, usernames.
7. Domain Name Server (DNS) attacks: Total/partial disruption of ‘.in’ registry services. Illegal diversion of Internet and mail traffic to some other countries.
8. Malicious Code attacks (Virus/Worm/Trojans/Botnets): Hanging computer systems, monetary loss, information loss, breakdown of data access services.
Action and Implementation
1. Nomination of Chief Information Security Officers: JS(IT) nominated as CISO for ____
2. Information Security Policy and Implementation of Best Practices (IT Group):
   • To ensure standard practices are in place for maintaining & managing cyber crisis.
   • PC Level – All desktops are provided Internet connectivity from Centralized NIC.
3. Business Continuity Plan (BCP): Presently the Local Area Network is under restructuring/installation phase at HQ. The Business Continuity Plan (BCP) will be formulated as per the requirement when LAN is established in __________.
4. Disaster Recovery Plan (DRP): Regular back-up of the existing website and important documents. Since the installation of LAN is in an early stage, the network-level Disaster Recovery Plan will be made available after commissioning of LAN.
5. Security of Information Infrastructure and Network:
   • All the systems are installed with a licensed operating system.
   • OS is being updated regularly with the latest patches.
   • Antivirus is installed with a valid license.
   • LAN is in restructuring phase.
   • The remote monitoring and maintenance of the PCs is strictly restricted.
   • The software at network, stand-alone system and application level shall be upgraded regularly by applying/installing upgrades and updates.
5. Network Traffic Scanning: LAN is in restructuring phase.
6. Manpower engaged in cyber security activities: IT Group at HQ, _______, CSO at each zone and ISO at the field establishments are the dedicated persons engaged in cyber security activities.