What's New :
GS Mains Advance 2023, Batch Starts: 14th October.
Ethics Master Class (Mains 2023), Batch Starts: 17-Oct-2022

Assessing India’s Cyber Security Infrastructure

  • Category
    Security
  • Published
    15th Mar, 2021

According to recent reports (New York Times and Recorded Future), Chinese state-sponsored actors may have used malware to target India’s power grid system and seaports. The reports claimed that “Red Echo”, a group sponsored by the Chinese state, was behind the 12 October 2020 grid failure in Mumbai. 

Context

According to recent reports (New York Times and Recorded Future), Chinese state-sponsored actors may have used malware to target India’s power grid system and seaports. The reports claimed that “Red Echo”, a group sponsored by the Chinese state, was behind the 12 October 2020 grid failure in Mumbai. 

Background

  • Cyberspace and physical space are increasingly becoming intertwined due to increased software control.
  • The major security threat lies to the critical infrastructure of the nation wherein the attackers can gain control of vital systems such as nuclear power plants, financial, transportation or health systems that can lead to dire consequences.
  • With the definitive Make in India initiatives announced by the Indian government and estimates reporting that over 5 billion devices would connect to the internet in the coming months and years, India needs to lay down solid cybersecurity plans and policies.
  • The increasing cyber-attacks in the year 2020 have made organizations rethink their security measures, especially in terms of enterprise data security.
  • As organizations expand work-from-home and remote working solutions for their employees, the number of vulnerable endpoints increases.

Some recent incidents of Cyber attacks:

  • In the latest in a series of surveillance and hacking attempts, a Chinese hacker group known as Stone Panda had identified gaps and vulnerabilities in the IT infrastructure and supply chain software of Bharat Biotech and the Serum Institute of India, India’s vaccine manufacturers.
  • Last year in October, the sudden blackout that occurred in Mumbai was also suspected to be a cyber attack originating in China.
    • These kinds of cyber attacks are not uncommon in present times.
    • Russia was a pioneer in using this technique when it turned the power off twice in Ukraine several years ago.
  • Last month (Feb 28, 2021), Massachusetts-based cybersecurity company ‘Recorded Future’ published a report saying it had observed a “steep rise” in the use of resources like malware by a Chinese group called Red Echo to target “a large swathe” of India’s power sector.

In this regard, a more comprehensive and objective assessment of India’s cyber ecosystem is in urgent need. 

Analysis

The concept of cyber attack

  • The concept of a cyber attack or a computer network attack is rooted in this description.
  • It can be described as a “deliberate exploitation of computer systems, technology-dependent enterprises and networks.”
  • Cyber attacks use “malicious code to alter computer code, logic or data, resulting in disruptive consequences that can compromise data and lead to cybercrimes, such as information and identity theft.”
  • Cyberattacks give a country another option — less devastating than a nuclear attack, but capable of giving the country a strategic and psychological edge. China’s recent cyber aggression can be analyzed through this lens.
  • Possible reasons for increased cyber attacks from China:
    • One major factor is the border clash between the two countries in June 2020
    • Chinese may be using cyber attacks as a means of deterrence against India
      • Until recent years, China’s focus had been on information theft
      • But Beijing has been increasingly active in placing code into infrastructure systems, knowing that when it is discovered, the fear of an attack can be as powerful a tool as an attack itself.
    • When vaccine companies are targeted, the motive could be competition

Different types of Cyberattacks

  • Botnet: Botnet is a network of devices that have been infected with malicious software, such as a virus
  • Malware: Malware is a term used to describe malicious software, including spyware, ransomware, viruses, and worms. Malware breaches a network through a vulnerability, typically when a user clicks a dangerous link or email attachment that then installs risky software. 
  • Phishing: Phishing is the practice of sending fraudulent communications that appear to come from a reputable source, usually through email. 
  • Ransomeware: Among the types of cyber warfare attacks, ransomware stands as one of the riskiest ones as highly critical information can be at stake. In a ransomware attack, the victim is forced to delete all necessary information from their system if they fail to pay a ransom within the timeline given by cybercriminals. 
  • Trojan Horses: A Trojan is a malware software program that aims at hacking digital devices by appearing as useful software to the victims.
    • It is one of the most dangerous types of Cyberattacks. It helps attackers get financial details alongside all other confidential information of the victims.
  • Worm: A worm is a type of malware that doesn’t attack a host file and replicates itself as it travels across computers and networks and leaves copies of itself in the memory of each computer.

What are the major dimensions of cyber threats?

There are three major dimensions of cyber threats:

  • Cyber Wars: A cyber war is a “No contact” war, where the idea is to attack the critical information (CI)architecture of another state. Israel used STUXNET malware to destroy the Iranian nuclear programme.
  • Cyber Crimes: Involves use of cyberspace for criminal activity including identity thefts and financial frauds. Eg. Adhaar card data and other biometric information has been hacked
  • Cyber Terrorism: It is the use of cyberspace by a terrorist group for propaganda and recruitment. Eg. fake videos to incite and radicalize the vulnerable target

Thus cyber security becomes important for the internal and well as external security of India.

Understanding the current state of cyber security in India:

  • National Security Council: The National Security Council, chaired by National Security Adviser (NSA), plays a key role in shaping India’s Cyber Policy Ecosystem.
    • The NSA also chairs the National Information Board, which is the apex body for cross-ministry coordination on cybersecurity policymaking.
  • Cyber Security Policy: The National Cyber Security Policy, 2013 was developed to build secure and resilient cyberspace for India’s citizens and businesses.
  • IT Act, 2000: Currently, the Information Act, 2000 is the primary law for dealing with cybercrime and digital commerce in the country.
  • NTRO: The National Technical Research Organisation (NTRO) is the main agency designed to protect national critical infrastructure and to handle all the cybersecurity incidents in critical sectors of the country.
  • NCIIPC: The National Critical Information Infrastructure Protection Centre (NCIIPC) was established under NTRO in 2014 to facilitate the Protection of Critical Infrastructure.
  • CERT-In: The Indian Computer Emergency Response Team (CERT-In) is responsible for incident responses including analysis, forecasts and alerts on cybersecurity issues and breaches.
  • Indian Cyber Crime Coordination Centre (I4C): The Central Government has rolled out a scheme for the establishment of the Indian Cyber Crime Coordination Centre (I4C) to handle issues related to cybercrime in the country in a comprehensive and coordinated manner.

Recent measures

  • Cyber Crime Volunteers: The Indian Cyber Crime Coordination Centre (I4C), under the Ministry of Home Affairs (MHA), recently launched the Cyber Crime Volunteers Program with the aim to allow citizens to register themselves as “Cyber Crime Volunteers’.
    • While the country had earlier used vertical surveillance (usually state observes the citizens), this new initiative is a case of Lateral surveillance (it is the case of social surveillance or peer-to-peer surveillance ).
  • Cybercrime reporting portal: The Government has launched the online cybercrime reporting portal, cybercrime.gov.in to enable complainants to report complaints pertaining to Child Pornography/Child Sexual Abuse Material, rape/gang rape imageries, or sexually explicit content.
  • Cyber Swachhta Kendra: Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre) has been launched for providing detection of malicious programs and free tools to remove such programs.

What are the gaps in India’s Cyber Security?

  • The Institutional Framework has been plagued with concerns around
    • lack of effective coordination
    • overlapping responsibilities
    • lack of clear institutional boundaries and accountability
  • Outdated strategies: India’s National Cyber Security Strategy, which has been drafted by the NSC — a much-needed update to the National Cyber Security Policy 2013 — is yet to be released.
  • Inappropriate approach to deal with cyber conflict: India is also yet to clearly articulate a doctrine that holistically captures its approach to cyber conflict, either for conducting offensive cyber operations, or the extent and scope of countermeasures against cyber attacks.
  • Absence of credible cyber deterrence strategy: The absence of a credible cyber deterrence strategy means that states and non-state actors alike remain incentivized to undertake low-scale cyber operations for a variety of purposes — espionage, cyber crime, and even the disruption of critical information infrastructure.
  • International Telecommunication Union (a specialized agency of UN), ranked India HIGH in commitment to cyber security in its ‘Global Cyber Security Index -2018’

What measures are required?

  • Effective strategy and transparency: Clearer strategy and greater transparency are the need of the hour to improve India’s cybersecurity posture.
  • Better coordination: Improved coordination is needed between the government and the private sector, as well as within the government itself — and at the national and state levels.
  • Focus on creating secure cyber ecosystem: A clear public posture on cyber defence and warfare boosts citizen confidence, helps build trust among allies, and signals intent to potential adversaries, thus enabling a more stable and secure cyber ecosystem.
  • Learning from expertise: A key opportunity herein is a precise articulation of how international law applies to cyberspace, which could mold the global governance debate to further India’s strategic interests and capabilities.
    • In particular, this should include positioning on not just non-binding norms but also legal obligations on ‘red lines’ with respect to cyberspace-targets that should be considered illegitimate due to their significance for human life, such as health-care systems, electricity grids, water supply, and financial systems.

Conclusion

As India is moving towards more and more digitalization in all spheres, cyberspace has become a serious concern of National Security. Thus, a comprehensive policy with a skilled workforce is needed to ensure that India’s people and its infrastructure are safe, so the country can move towards development peacefully.

X

Verifying, please be patient.

Enquire Now