And whereas, as per provisions of sub-section (6) of section 70B of the IT Act,
2000, CERT-In is empowered and competent to call for information and give
directions to the service providers, intermediaries, data centres, body corporate
and any other person for carrying out the activities enshrined in sub-section (4)
of section 70B of the IT Act, 2000.
And whereas, various instances of cyber incidents and cyber security incidents
have been and continue to be reported from time to time and in order to coordinate
response activities as well as emergency measures with respect to cyber security
incidents, the requisite information is either sometime not found available or
readily not available with service providers/data centres/body corporate and the
said primary information is essential to carry out the analysis, investigation and
coordination as per the process of law.
And whereas, it is considered expedient in the interest of the sovereignty or
integrity of India, defence of India, security of the state, friendly relations with
foreign states or public order or for preventing incitement to the commission of
any cognizable offence using computer resource or for handling of any cyber
incident, that following directions are issued to augment and strengthen the cyber
security in the country:
(i) All service providers, intermediaries, data centres, body corporate and
Government organisations shall connect to the Network Time Protocol
(NTP) Server of National Informatics Centre (NIC) or National Physical
Laboratory (NPL) or with NTP servers traceable to these NTP servers, for
synchronisation of all their ICT systems clocks. Entities having ICT
infrastructure spanning multiple geographies may also use accurate and
standard time source other than NPL and NIC, however it is to be ensured
that their time source shall not deviate from NPL and NIC.
(ii) Any service provider, intermediary, data centre, body corporate and
Government organisation shall mandatorily report cyber incidents as
mentioned in Annexure I to CERT-In within 6 hours of noticing such
incidents or being brought to notice about such incidents. The incidents can
be reported to CERT-In via email (incident@cert-in.org.in), Phone (180011-4949) and Fax (1800-11-6969). The details regarding methods and
formats of reporting cyber security incidents is also published on the
website of CERT-In www.cert-in.org.in and will be updated from time to
time.
Page 2 of 8