Latest news with #Wig
Time of India
27-06-2025
- Business
- Time of India
Digital safety: DoT proposes stricter cybersecurity rules; central Mobile Number Validation Platform to combat fraud
The department of telecommunications (DoT) has proposed sweeping changes to India's telecom cybersecurity framework, allowing it to mandate mobile number or identity verification through a centralised government-run platform, as part of efforts to crack down on online fraud and spoofing. Tired of too many ads? go ad free now According to a draft notification of the amended Telecommunications (Telecom Cyber Security) Rules, 2024, the DoT has suggested creating a 'Mobile Number Validation' (MNV) platform that will be accessible to telecom operators and entities such as banks, financial institutions, and e-commerce companies. As per ET, these authorised stakeholders will be allowed to verify users' mobile numbers by paying a prescribed fee. 'With a view to ensuring telecom cyber security and prevent security incidents, the Central Government shall by itself, or through an agency authorised by the Central Government, establish an MNV platform,' the DoT stated in the notification. The government can also direct device manufacturers to assist in identifying tampered phones using duplicate IMEI numbers, and maintain a database of such compromised devices. The platform will offer tiered pricing for verification requests that government-authorised entities can access it at Rs 1.5 per request, while all others will be charged Rs 3 per validation. Notably, under the draft rules, the government can immediately suspend a mobile number without notice if it believes the action is necessary in the public interest. The changes also give law enforcement agencies and authorised government bodies the ability to collect transaction histories involving mobile numbers from non-telecom entities. Tired of too many ads? go ad free now The draft introduces a new category called 'Telecommunication Identifier User Entities' (TIUEs), which includes all businesses and platforms that use mobile numbers to authenticate customers, such as banks verifying UPI-linked numbers. As per news agency PTI, at least one major bank has already begun piloting the MNV system, flagging numbers involved in fraudulent transactions for 90-day deactivation. Once the period ends, the number's history is deleted to prevent issues for future users. The new cybersecurity rules have triggered debate over their broader implications. While experts recognise the importance of enhanced protection, they also point to potential challenges. 'The proposed Telecom Cybersecurity Amendment Rules 2025 represent a strong policy move toward securing India's digital infrastructure,' said Tarun Wig, co-founder and CEO at Innefu Labs, as quoted by ET. However, he warned of 'potential friction around data privacy, integration complexity, and the cost of compliance, especially for smaller digital platforms and startups.' Wig added, 'Operationalising such a system at scale while ensuring minimal disruption and maximum data protection will be a key challenge.' The DoT has invited public comments on the draft rules within 30 days of publication.
Economic Times
08-05-2025
- Business
- Economic Times
Cyber sleuths ramp up vigil on critical infra as Pakistan conflict spills online
Live Events Central and state cybersecurity agencies are on high alert as escalating Indo-Pakistan tensions are expected to fuel major cyber threats and misinformation campaigns over the next few signs of heightened threat activity have already emerged across utilities such as oil and gas, electricity grids, and telecom networks, particularly in states bordering conflict zones and the national capital, cybersecurity experts tracking the events told Wednesday morning, soon after India carried out a series of air strikes on terror infrastructure sites in Pakistan-occupied Kashmir and Pakistan, cybersecurity consultants and digital forensics teams issued advisories to banks, stock exchanges, and key digital public platforms like Aadhaar and UPI, urging immediate shutdown of non-essential systems and ramped-up Stock Exchange and BSE have temporarily restricted access to their website for international users."The cyber threat was particularly very high yesterday. The restriction for foreign IP (Internet protocol) addresses will continue until further notice," said a person close to the has been restricted since 1 pm yesterday. However, if there is any specific request from a client then exchanges are considering it, sources exchanges took the decision after consulting declined to comment. A spokesperson for BSE said: "BSE being a critical market infrastructure institution (MII) proactively and continuously monitors risks at domestic and international level for potential cyber threats. Based on such monitoring of cyber traffic, as a precautionary and protective measure, websites / locations are blocked to protect users and systems. The monitoring is dynamic and access is restored on a case to case basis subject to assessment of the threat." Tarun Wig, cofounder and CEO of Delhi-based information security provider Innefu Labs, said, "Given the tit-for-tat nature of these cyber exchanges, we assess that tensions are likely to remain high or even intensify."Innefu Labs' clients include the Defence Research and Development Organisation (DRDO), the Reserve Bank of India (RBI), and the Central Reserve Police Force (CRPF) among others."India's cyber defence agencies have rapidly mobilised," Wig said. "CERT-In and other cells are on high alert, implementing system hardening and AI-enabled monitoring. Real-time intrusion detection and incident response have been scaled up."According to Kaspersky's Cyberthreat Live Map, India has experienced a noticeable surge in cyberattacks since May 5, warn that the fallout could surpass the cyber impact seen after the 2019 Pulwama attack, with recent detections of sophisticated malware and spear-phishing campaigns, suggesting a well-coordinated analysts note that offensive cyber operations often mirror geopolitical flare-ups, so further spikes in hacking incidents are expected.
