The government has declared the IT resources of ICICI Bank, HDFC Bank and UPI managing entity NPCI as 'critical information infrastructure', implying any harm to them can have an impact on national security and any unauthorised person accessing these resources may be jailed for up to 10 years, according to an official notification.
The Ministry of Electronics and IT (MeitY), in the notification dated June 16, declared the IT resources of ICICI Bank as critical infrastructure under Section 70 of the IT Act, 2000.
"The central government hereby declares the computer resources relating to the Core Banking Solution, Real Time Gross Settlement and National Electronic Fund Transfer comprising Structured Financial Messaging Server, being critical information infrastructure of the ICICI Bank, and the computer resources of its associated dependencies to be protected systems for the purpose of the said Act," the notification said.
In a similar worded two other notifications, Meity declared IT resources of HDFC bank and UPI managing entity National Payments Corporation of India (NPCI) as critical infrastructure.
The notification authorises access of IT resources of the notified entities by their designated employees, authorised team members of contractual managed service providers or third-party vendors who have been authorised by them for need-based access and any consultant, regulator, government official, auditor and stakeholder authorised by the entities on case-to-case basis.
"Looking at the recent sophisticated cyber attacks, it is high time all the banks and financial institutions get themselves notified as a protected system.
"Similarly, the control system of all the electricity, oil, airports, railways, metros and transport systems are critical infrastructure and must be declared as a protected system," SP, Cyber Crime, Uttar Pradesh Police, and certified cyber expert Triveni Singh said.
As per the Act, 'critical information infrastructure' means a computer resource, the incapacitation or destruction of which, shall have debilitating impact on national security, economy, public health or safety.
Any person who secures access or attempts to secure access to a protected system in contravention of the provisions shall be punished with imprisonment of a term which may extend to 10 years and shall also be liable for a fine, the Act says.
(Only the headline and picture of this report may have been reworked by the Business Standard staff; the rest of the content is auto-generated from a syndicated feed.)
You’ve hit your limit of {{free_limit}} free articles this month.
Subscribe now for unlimited access.
Already subscribed? Log in
Subscribe to read the full story →
Quarterly Starter
₹900
3 Months
₹300/Month
Smart Essential
₹2,700
1 Year
₹225/Month
Super Saver
₹3,900
2 Years
₹162/Month
Renews automatically, cancel anytime
Here’s what’s included in our digital subscription plans
Access to Exclusive Premium Stories Online
Over 30 behind the paywall stories daily, handpicked by our editors for subscribers


Complimentary Access to The New York Times
News, Games, Cooking, Audio, Wirecutter & The Athletic
Business Standard Epaper
Digital replica of our daily newspaper — with options to read, save, and share


Curated Newsletters
Insights on markets, finance, politics, tech, and more delivered to your inbox
Market Analysis & Investment Insights
In-depth market analysis & insights with access to The Smart Investor


Archives
Repository of articles and publications dating back to 1997
Ad-free Reading
Uninterrupted reading experience with no advertisements


Seamless Access Across All Devices
Access Business Standard across devices — mobile, tablet, or PC, via web or app