Government declares ICICI, HDFC, NPCI computing resources as “critical information infrastructure”

The government has declared the IT resources of ICICI Bank, HDFC Bank and UPI management entity NPCI as “critical information infrastructure”, implying that any damage may impact the national security and any unauthorized person accessing these resources can be imprisoned for up to 10 years, according to an official notification.

The Ministry of Electronics and Information Technology (MeitY), in the notification dated June 16, declared ICICI Bank’s IT resources as critical infrastructure under Section 70 of the IT Act 2000.

“Central Government hereby declares IT resources relating to Core Banking Solution, Real-Time Gross Settlement and National Electronic Funds Transfer comprising Structured Financial Messaging Server, as critical information infrastructure of ICICI bank, and the computing resources of its associated dependencies as protected systems for the purposes of said law,” the notification reads.

In two other similarly worded notices, Meity said IT resources at HDFC Bank and UPI’s management entity National Payments Corporation of India (NPCI) were critical infrastructure.

The notification authorizes access to the computing resources of the notified entities by their designated employees, authorized team members of the contracted managed service providers or third-party providers who have been authorized by them for access as needed and any consultants , regulator, official, auditor and stakeholder authorized by the entities on a case-by-case basis.

“In view of the recent sophisticated cyberattacks, it is high time that all banks and financial institutions were notified as a protected system.

“Similarly, the control system of all electricity, oil, airports, railways, metros and transportation systems are critical infrastructure and must be declared as a protected system,” said SP, Cyber ​​Crime, Uttar Pradesh Police and Certified Cyber ​​Expert Triveni Singh. .

Under the law, “critical information infrastructure” means a computing resource whose incapacitation or destruction will have a debilitating impact on national security, the economy, public health or safety.

Anyone who secures or attempts to secure access to a protected system in violation of the provisions is punishable by imprisonment for up to 10 years and is also subject to a fine, the law says.

About Mariel Baker

Check Also

Are you looking for the most useful gift? Look to the cloud

Cloud computing has quickly found its way into every corner of our lives. It can …