At a time when financial transactions on the internet are on a rise, the Ministry of Electronics and Information Technology on Tuesday launched five cyber-security tools, as part of its Cyber Swachhta Kendra (CSK), to prevent users from facing threats on the web. These tools are — Bot Removal Tool, USB Pratirodh, AppSamvid, M-Kavach and Browser JSGuard.
Even though all these tools will be provided free of cost, four of these tools, which are meant to guard computers, would only run on Microsoft’s Windows operating system, a move which experts have pegged to be against the government’s open source policy. The open source policy calls for adoption of open standards for government procurement.
The Indian Computer Emergency Response Team (CERT-In), which has developed the CSK, would collect data of infected systems that are connected with the internet service providers and banks that have come on-board and send inform them of any threats.
The Bot Removal Tool has been developed by Pune-headquartered Quick Heal Technologies, which would detect and remove botnet infection from computers. However, it does not provide any protection against other malware, or prevent data theft, making it necessary for a user to have an anti-virus software. A botnet, or a robot network, is a number of devices connected to the internet, which are used by a botnet owner to perform various tasks such as performing Distributed Denial Of Service Attack, steal data, send spam, allow the attacker access to the device and its connection. A device is compromised when it is penetrated by software from a malicious software, also known as malware.
The CSK has 58 internet service providers (ISPs) and 13 banks on-board that are sharing their information for analysis and cleaning of malware from their systems. Through the CSK, CERT-In would monitor movement of malware in the systems of ISPs that are connected and would inform these companies. The internet companies would then inform users of possible threats to their computers.
Apart from this, the four other tools that have been launched were developed by the Centre for Development of Advanced Computing (C-DAC).
USB Pratirodh is a software solution, which controls unauthorised usage of portable USB mass storage devices. Through this software, user can add or remove devices to the database, and also bind one or more USB devices to be accessed using a username and password. Any unauthorised new USB device cannot be accessed, unless it is registered. Whenever a USB device gets plugged in, the user would need to authenticate it. The software also detects and deletes malware from the mass storage device plugged into a computer. USB Pratirodh works on Windows 7 and Windows 10, according to an information pamphlet distributed by the Indian Computer Emergency Response Team .
The AppSamvid tool has been developed as a software to white-list executable files that would run on a computer, as opposed to the method adopted by anti-virus software to black-list files that may contain viruses. One advantage that the white-listing method presents is that it does not require frequent definition updates. Through this software, users can choose to add trusted executable files to the white-list, and only those files will be allowed to run. Executable files, those which end with an extension .exe, .class, .war, .jar, are often loaded with trojans and viruses. Upon execution of these files, they infect the computers.