TOPIC : WHY INDIA’S RAPID DIGITIZATION SHOULD HAVE ONE EYE ON CYBER CRIMES?

THE CONTEXT: With the growth of the internet and the proliferation of applications, products & services on it, citizens are being empowered and their lives transformed. Digitalization speeds up development, helps economic growth, brings people closer together and enables better use of resources. However, with the growth of the internet, cyber crimes are also on the increase.

Digitization has been the government’s main focus, which can be seen with the launch of the Digital India Mission. It has effect on various sectors like health, education, skilling, payments etc

CYBER SECURITY CONCERN

  • The IBM Security Data Breach Report of 2022 states that, for the fiscal year of 2022, the average data breach costs in India have reached a record high of â‚ą17.5 crores (â‚ą175 million) rupees, or around $2.2 million, which is an increase of 6.6% from 2021, and a staggering 25% from the average cost of â‚ą14 crores in 2020.
  • In 2021, cybersecurity incidents involved incidents revolving around unauthorized access and compromised personal data. For example, in the case of Air India, data files from more than 4.5 million customers were leaked in a cyber attack. In a separate incident, personal data leaks of around 180 million users were stolen straight from the database of Domino’s India.

VARIOUS TYPES OF CYBER SECURITY THREATS

MALWARE

Malware is malicious software such as spyware, ransomware, viruses and worms. Malware is activated when a user clicks on a malicious link or attachment, leading to dangerous software installation.

The rise of malware is attributed to crypto-jacking (the secret use of a victim’s computer to create cryptocurrency illegally) and Internet-of-Things malware (malware targeting devices connected to the internet such as routers or cameras).

RANSOMWARE

Ransomware is one of the most widely used methods of attacks. It asks to pay a ransom using online payment methods to regain access to your system or data. Online payment methods usually include virtual currencies such as bitcoins.

Example:

●        The All India Institute of Medical Sciences, Delhi allegedly faced a cyber attack on November 23, paralyzing its servers.

●        In May 2022, Indian airline SpiceJet reported a ransomware attack. It led to delays in several flights by up to 6 hours. Several passengers claimed sitting on the planes for 45 minutes to three hours.

THREATS AGAINST DATA: TARGETING SOURCES OF DATA TO GET UNAUTHORIZED ACCESS AND DISCLOSURE

A data breach is an incident where information is stolen or taken from a system without the knowledge or authorization of the system’s owner. A small company or large organization may suffer a data breach.

Threats against data can be mainly classified as data breaches (intentional attacks by a cybercriminal) and data leaks (unintentional releases of data).

India has faced a rise of 7.9% in data breaches since 2017. Also, the average cost per data breach record is mounting to INR 4,552 ($64).

TROJAN VIRUS

A Trojan can launch an attack on a system and can establish a backdoor, which attackers can use.

DENIAL OF SERVICE

DDoS attack makes an online service unavailable to users by interrupting them or suspending the hosting servers. The motives range from ransomware, pushing a certain ideology or cyber warfare.

In August 2020 the number of Distributed Denial of Service (DDoS) incidents in India hit a record high in terms of total DDOS packets, which were well in excess of 10 billion as per a study by global cyber security firm Radware.

PHISHING

Phishing attacks use fake communication, such as an email, to trick the receiver into opening it and carrying out the instructions inside, such as providing a credit card number.

SQL INJECTION

With the right password, a cyber attacker has access to a wealth of information. Social engineering is a type of password attack that Data Insider defines as “a strategy cyber attackers use that relies heavily on human interaction and often involves tricking people into breaking standard security practices.”

FINANCIAL FRAUD

Cosmos Bank Cyber Attack in Pune

A cyber attack in India was deployed on Cosmos Bank in Pune. This daring attack shook the whole banking sector of India when hackers siphoned off Rs. 94.42 crores from Cosmos Cooperative Bank Ltd. in Pune.

SIM Swap Scam

This involves transferring money from the bank accounts of many individuals. By fraudulently gaining SIM card information, both attackers blocked individuals’ SIM cards and with the help of fake document posts, they carried out transactions via online banking. They also tried to hack the accounts of various targeted companies.

JUICE JACKING

Juice jacking is a security exploit in which an infected USB charging station is used to compromise connected devices. The exploit takes advantage of the fact that a mobile device’s power supply passes over the same USB cable the connected device uses to sync data.

DEEPFAKE

Deepfake technology means it is now possible to generate fake audio, video or images that are almost indistinguishable from real ones. Bots pretending to be real people can disrupt online communities by flooding them with fake comments.

DISINFORMATION/MISINFORMATION: THE SPREAD OF MISLEADING INFORMATION

The increasing use of social media platforms and online media has led to a rise in campaigns spreading disinformation (purposefully falsified information) and misinformation (sharing wrong data). The aim is to cause fear and uncertainty.

Russia has used this technology to target perceptions of the war.

TYPES OF CYBER THREAT ACTORS

  • State-sponsored — Cyberattacks by countries can disrupt communications, military activities, or other services that citizens use daily.
    • India was the most targeted country in 2022 as attacks on government agencies more than doubled. Malaysia-based hacktivist group Dragon Force, ran campaigns such as #OpIndia and #OpsPatuk against India in retaliation to the controversial comments by an Indian politician on Prophet Mohammed.
  • Terrorists — terrorists may attack government or military targets, but at times may also target civilian websites to disrupt and cause lasting damage.
  • Hacktivism is a form of cyberattack where the hacker’s motivation is not financial gains but to promote a political agenda or protest against certain policies. According to a report by cyber security firm CloudSek, In 2022, hacktivism accounted for 9% of the cyberattacks on the government sector.
  • Industrial spies —Industrial espionage is the illegal and unethical theft of business trade secrets for use by a competitor to achieve a competitive advantage.
  • Organized crime groups — Criminal groups infiltrate systems for monetary gain. Organized crime groups use phishing, spam, and malware to carry out identity theft and online fraud. There are organized crime groups who exist to sell hacking services to others as well, maintaining even support and services for profiteers and industrial spies alike.
  • Hackers — There is a large global population of hackers, ranging from beginner “script kiddies” or those leveraging ready-made threat toolkits, to sophisticated operators who can develop new types of threats and avoid organizational defences.
  • Malicious insider—Insiders represent a very serious threat, as they have existing access to corporate systems and knowledge of target systems and sensitive data. Insider threats can be devastating and very difficult to detect.

CYBER SECURITY IN THE FEDERAL POLITY OF INDIA

‘Police’ and ‘Public Order’ are State subjects as per the Seventh Schedule of the Constitution of India. States/UTs are primarily responsible for the prevention, detection, investigation and prosecution of crimes including cyber crime through their Law Enforcement Agencies (LEAs). The LEAs take legal action as per provisions of law against the offenders. The Central Government supplements the State Governments’ initiatives through advisories and financial assistance under various schemes for their capacity building.

VARIOUS MEASURES TO DEAL WITH THE CYBER THREAT IN INDIA

NATIONAL CYBER SECURITY POLICY, 2013

Its mission is to protect information and information infrastructure in cyberspace, build capabilities to prevent and respond to cyber threat, reduce vulnerabilities and minimize damage from cyber incidents through a combination of institutional structures, people, processes, technology, and cooperation.

It aims to create a workforce of 500,000 trained cybersecurity professionals in the next 5 years through capacity building, skills development and training

INDIAN COMPUTER EMERGENCY RESPONSE TEAM (CERT-IN)

The Indian Computer Emergency Response Team (CERT-IN or ICERT) is an office within the Ministry of Electronics and Information Technology of the Government of India.[3] It is the nodal agency to deal with cyber security threats like hacking and phishing. It strengthens the security-related defence of the Indian Internet domain.

NATIONAL CRITICAL INFORMATION INFRASTRUCTURE PROTECTION CENTER (NCIIPC)

●    NCIIPC is a central government establishment formed to protect critical information about our country, which has an enormous impact on national security, economic growth, and public healthcare.

NCIIPC has mainly identified the following as “critical sectors”-

●    Power & Energy

●    Banking, Financial Services & Insurance

●    Telecom Transport

●    Government

●    Strategic & Public Enterprises

CHIEF INFORMATION SECURITY OFFICERS

The CISO (chief information security officer) is a senior-level executive responsible for developing and implementing an information security program, including procedures and policies designed to protect enterprise communications, systems and assets from internal and external threats.

Conducting regular training programmes for network/system administrators and Chief Information Security Officers (CISOs) of Government and critical sector organizations regarding securing the IT infrastructure and mitigating cyber attacks.

CYBER SWACHHTA KENDRA (BOTNET CLEANING AND MALWARE ANALYSIS CENTER)

The “Digital Swachhta Kendra” (Botnet Cleaning and Malware Analysis Center) is a part of the Government of India’s Digital India drive, overseen by the Ministry of Electronics and Information Technology (MeitY).

●    The “Cyber Swachhta Kendra” (Botnet Cleaning and Malware Analysis Center) is intended to address the goals of the “National Cybersecurity Policy,” which calls for the development of a secure cybernetic ecosystem in the country.

INDIAN CYBER CRIME COORDINATION CENTRE (I4C)

“Indian Cyber Crime Coordination Centre (I4C)” is an initiative of the Ministry of Home Affairs (MHA) to combat cyber crime in the country, in a coordinated and effective manner.

Objective:

â—Ź Identify the research problems/needs of Law Enforcement Agencies (LEAs) and take up R&D activities in developing new technologies and forensic tools in collaboration with academia/research institutes within India and abroad

●   To prevent misuse of cyberspace for furthering the cause of extremist and terrorist groups

●  Suggest amendments, if required, in cyber laws to keep pace with fast changing technologies and International cooperation.

CYBER-CRIME PREVENTION AGAINST WOMEN & CHILDREN’ SCHEME

The Ministry of Home Affairs implements it. The scheme aims to prevent and reduce cyber crimes against women and children.

AUDIT OF THE GOVERNMENT WEBSITES

Provision for audit of the government websites and applications prior to their hosting, and thereafter at regular intervals.

EMPANELMENT OF SECURITY AUDITING ORGANIZATIONS

Empanelment of security auditing organizations to support and audit implementation of Information Security Best Practices.

CRISIS MANAGEMENT PLAN

Formulation of Crisis Management Plan for countering cyber attacks and cyber terrorism.

CYBER SECURITY MOCK DRILLS

Conducting cyber security mock drills and exercises regularly to enable assessment of cyber security posture and preparedness of organizations in Government and critical sectors.

CYBER SURAKSHIT BHARAT

Ministry of Electronics and Information Technology launched the Cyber Surakshit Bharat initiative to spread awareness about cyber crime and building capacity for safety measures for Chief Information Security Officers (CISOs) and frontline IT staff across all government departments.

ISSUES WITH THE CYBER SECURITY IN INDIA

LACK OF DATA SECURITY IN DEVICES USED FOR INTERNET ACCESS –

There has been a threat to the data privacy due to Chinese mobile.

Ministry of Home Affairs has recommended a ban on 54 Chinese mobile applications, including the popular game Garena Free Fire over concerns related to privacy and national security.

LACK OF NATIONAL LEVEL ARCHITECTURE FOR CYBERSECURITY

The private sector owns critical infrastructure, and the armed forces have their own firefighting agencies. However, no national security architecture unifies the efforts of all these agencies to assess the nature of any threat and tackle them effectively.

LACK OF SEPARATION

Unlike countries or states, in cyberspace there are no boundaries, thus making the armed forces, digital assets of ONGC, banking functions, etc., vulnerable to cyber attacks from anywhere. This could result in security breaches at a national level, causing loss of money, property or lives. To respond to possible threats on the country’s most precious resources, there is a need for a technically equipped multi-agency organization that can base its decisions on policy inputs and a sound strategy.

LACK OF PRAGMATIC GOAL IN DEALING WITH THE CYBER SECURITY:

National cyber security policy aims to create a workforce of 500,000 trained cybersecurity professionals in the next 5 years. However there has been to roadmap how to achieve this goal.

FUNCTIONAL OVERLAP IN VARIOUS AGENCIES

Due to the existence of too many agencies with overlapping functions in the field of cyber security, coordination between these agencies is poor.

LACK OF SPECIALISTS:

Globally, India ranks 2nd in terms of the number of Internet users after China (Internet World Stats, 2017). However, India has a negligible base of cyber-security specialists, when compared to the internet user base.

CYBER WARFARE

Cyber attack by nation-state is evolving as they go low-intensity ways with India.

E.g. Pakistan and China involves in  cyber threat against India.

THE WAY FORWARD

  • P-P-P Model for Cyber security
    • Government shall partner with the private sector and the academia to strengthen cyber security posture of the state
  • Information Security Policy and Practices
    • Security Audit Adhering to international standards applicable for all govt. websites, applications before hosting and publishing
    • to ensure ISPs (internet service provider)operating in the state shall deploy cyber security plans in line with State cyber security policy.
  • State Computer Emergency Response Team
    • Establishment of the State CERT to operate in conjunction ICERT and coordinate with NCIIPC
    • Cyber security drills shall be carried out under the supervision of I-CERT
  • Identity Theft and Security Incident Prevention:
  • State cyber security framework to support strategy and implementation mechanisms to prevent digital impersonation and identity theft and the security incidents
  • Assurance Framework:
  • Framework of assurance shall be established to provide guidance on security certifications, and qualification criteria and prescribe security audits of gov. ICT systems, Projects & applications
  • Security Budget:
  • Government agencies implementing IT Projects shall allocate an appropriate budget towards compliance with the security requirement of IT Act 2000 and State cyber security policy, security solution procurement and training.
  • Capacity Building and Awareness
    • Government shall take appropriate steps for enhancing awareness of citizens and small businesses for cyber security
    • Cyber security Capacity building and training for professionals, introducing curricula academia and organizing conferences
    • Strengthening LEAs through training, establishment of forensics labs, etc.
  • Get regular Vulnerability Assessment and Penetration Testing to patch and remove existing network and web application vulnerabilities.
  • Limit employee access to sensitive data or confidential information and limit their authority to install the software.
  • Use highly strong passwords for accounts and make sure to update them at long intervals.
  • Avoid the practice of open password sharing at work.

Mains Questions

  1. Examine various types of cyber threats and measures taken against them.
  2. Critically examine various loopholes in the cyber security architecture in India.
Spread the Word