The appropriate Government may by notification in the official Gazette, declare any computer resource which directly or indirectly affects the facility of critical information infrastructure, to be a protected system.Explanation: For the purposes of this section, “critical information infrastructure” means the computer resource, the incapacitation or destruction of which, shall have debilitating impact on national security, economy, public health or safety.
The appropriate Government may, by order in writing, authorize the persons who are authorized to access protected systems notified under sub-section (1).
Any person who secures access or attempts to secure access to a protected system in contravention of the provisions of this section shall be punished with imprisonment of either description for a term which may extend to 10 years and shall also be liable to fine.
The Central Government shall prescribe the information security practices and procedures for such protected system. (Inserted Vide ITAA 2008)