The landscape of Cyber Security in India

As the world gets absorbed by the COVID-19 pandemic, cyberattacks have become a critical area for all technology-focused organizations in India. In the evolving situation, India needs an updated cybersecurity situation.

Background

• Cybercrime is vastly growing in the world of technology today. Criminals of the World Wide Web exploit internet users’ personal information for their own gain.
• They dive deep into the dark web to buy and sell illegal products and services. They even gain access to classified government information.
• Cybercrimes are at an all time high, costing companies and individuals billions of dollars annually. What’s even more frightening is that this figure only represents the last 5 years with no end in sight.
• The evolution of technology and increasing accessibility of smart tech means there are multiple access points within users’ homes for hackers to exploit.
• While law enforcement attempts to tackle the growing issue, criminal numbers continue to grow, taking advantage of the anonymity of the internet.
  
  
  

India’s digital situation

• The digital economy today comprises 14-15% of India’s total economy, and is targeted to reach 20% by 2024. India has more than 120 recognised ‘data centres’ and clouds.
• Although India was one of the few countries to launch a cybersecurity policy in 2013, not much has transpired in terms of a coordinated cyber approach.
• Unlike the US, Singapore, and the UK where there is a single umbrella organisation dealing in cybersecurity, India has 36 different central bodies—most ministries have their own—that deal with cyber issues, and each has a different reporting structure; each state government has its own CERT.
• Add to this the fact that while the National Cyber Security Strategy 2020 was to devise a cyber-readiness roadmap for organisations and the government for cyber-readiness, this is yet to be announced.
• While CERT-IN has responded to cyber threats, it has been late in conducting security checks, and often has released advisories once an attack has taken place.
• In the case of WhatsAppand Pegasus, CERT-IN only came in after others had warned of the possibility of individuals being compromised.

What does India need?

• With countries resorting to digital warfare and hackers targeting business organisations and government processes, India needs comprehensive cybersecurity guidelines and standards for checking cyber vulnerabilities and cyber responses.
• In many cases, as it happens, the government itself uses legacy systems which are vulnerable to cyberattacks; countries like China and Singapore, in the meanwhile, have progressed towards creating cyber defence networks.
• India cannot afford to be complicit about cybersecurity.
• In 2018, when Wannacry disrupted the national health service systems in the UK, the country’s health system was brought to a standstill.
• An attack explicitly directed towards these services can cause much more damage. India should not wait for an attack to upgrade its infrastructure.
• In India, the private sector has started playing a significant role in operating critical information infrastructure, particularly in power, transportation and healthcare.
• It is now more necessary than ever before to take cognisance of new directions and shifts in policies across the world.
• It will be necessary to undertake a thorough risk and gap assessment of the current cyber resilience of India’s various economic sectors, as well as that of the governance structure that enforces and manages the cybersecurity policy and framework.
• National cybersecurity projects such as the National Cyber Coordination Centre (NCCC), National Critical Information Infrastructure Protection Centre (NCIIPC) and the Computer Emergency Response Team (CERT) need to be strengthened manifold and reviewed.
  
  

The rise of digital mediums

• Financial services, payments, health services, etc are all connected to digital mediums; and thanks to Corona, this is expected to increase.
• The average data consumption per person a year is in the range of 15-20 gigabits. The growth rate in data generation is more than 35%.
• With more inclusion of artificial intelligence (AI), machine learning (ML), data analytics, cloud computing and Internet of Things (IoT), cyberspace will become a complex domain, giving rise to issues of a techno-legal nature.

Cyber attacks in India

• In India, too, attacks have been happening with increasing frequency.
  • In 2016, banks had reportedly announced a leak of personal information of 3.2 million debit cards.
  • In 2018, Pune-based Cosmos Bank lost Rs 94 crore in a malware attack.
  • In 2019, the Kudankulam plant was attacked using malware.
  • And, CERT-IN has recently issued an advisory that there is a threat of a massive phishing attack.
• For three months in 2019, India faced the most cyber-attacks in the world.
• While the US was the most cyber-targeted nation in 2019, India held the top spot in April, May and June.  
• The most cyber-attacked countries in 2019 were the US, India, UK, Singapore, Ukraine, UAE, Nigeria, Japan, South Korea and Spain respectively.

The countries targeting India

• According to the data, 74,988 cyber-attacks targeting India originated in Slovenia. This was followed by Ukraine (55,772 attacks), Czech Republic (53,609 attacks), China (50,000 attacks), and Mexico (35, 201 attacks).
• The report says the attacks were carried out through ‘botnets’ that are used to inject malware into a victim’s device, allowing those controlling the botnet to take control of the device, gather information of the device and even remotely make the victim’s device perform specific tasks such as sending information back to the person controlling the botnet.
• A ‘botnet’ is a set of devices, which have computing ability and can be connected to each other through the internet — for example, computers, drones, and smartphones can be connected to each other via the internet.

Types of Cybercrime

• DDoS Attacks: These are used to make an online service unavailable and take the network down by overwhelming the site with traffic from a variety of sources. Large networks of infected devices known as Botnets are created by depositing malware on users’ computers. The hacker then hacks into the system once the network is down.
• Botnets: Botnets are networks from compromised computers that are controlled externally by remote hackers. The remote hackers then send spam or attack other computers through these botnets. Botnets can also be used to act as malware and perform malicious tasks.
• Identity Theft: This cybercrime occurs when a criminal gains access to a user’s personal information to steal funds, access confidential information, or participate in tax or health insurance fraud. They can also open a phone/internet account in your name, use your name to plan a criminal activity and claim government benefits in your name. They may do this by finding out user’s passwords through hacking, retrieving personal information from social media, or sending phishing emails.
• Cyberstalking: This kind of cybercrime involves online harassment where the user is subjected to a plethora of online messages and emails. Typically cyberstalkers use social media, websites and search engines to intimidate a user and instill fear. Usually, the cyberstalker knows their victim and makes the person feel afraid or concerned for their safety.
• PUPs: PUPS or Potentially Unwanted Programs are less threatening than other cybercrimes, but are a type of malware. They uninstall necessary software in your system including search engines and pre-downloaded apps. They can include spyware or adware, so it’s a good idea to install an antivirussoftware to avoid the malicious download.
• Phishing: This type of attack involves hackers sending malicious email attachments or URLs to users to gain access to their accounts or computer. Cybercriminals are becoming more established and many of these emails are not flagged as spam. Users are tricked into emails claiming they need to change their password or update their billing information, giving criminals access.
• Online Scams: These are usually in the form of ads or spam emails that include promises of rewards or offers of unrealistic amounts of money. Online scams include enticing offers that are “too good to be true” and when clicked on can cause malware to interfere and compromise information.

Indian laws concerning Cyber Security

• Information Technology Act, 2000:The act provides legal recognition to e-commerce and e-governance and facilitates its development as an alternative to paper-based traditional methods. It aims to protect the advancement in technology by defining crimes, prescribing punishments, laying down procedures for investigation and forming regulatory authorities.
• Crime and Criminal Tracking Network System (CCTNS): It is a nationwide network infrastructure for evolution of IT-enabled state-of-the-art tracking system around “investigation of crime and detection of criminals”.
• National Cyber Security Policy, 2013: It provides for:
  • To build a secure and resilient cyberspace.
  • Creating a secure cyber ecosystem, generate trust in IT transactions.
  • Creation of a 24 x 7 National Critical Information Infrastructure Protection Center (NCIIPC). 
  • Indigenous technological solutions. 
  • Testing of ICT products and certifying them.
• National Technical Research Organization (NTRO): NTRO is a highly specialized technical intelligence gathering agency. It develops technology capabilities in aviation and remote sensing, data gathering and processing, cyber security, cryptology systems, strategic hardware and software development, and strategic monitoring.
• National Critical Information Infrastructure Protection Centre (NCIIPC):Creation of National Critical Information Infrastructure Protection Centre, the national nodal agency in respect of protection of critical information infrastructure. It is placed under the National Technical Research Organization.
• CERT-In: CERT-In has been designated to serve as the national agency to perform the following functions:
  • Collection, analysis, and dissemination of information on cyber incidents. 
  • Forecast and alerts of cybersecurity incidents
  • Emergency measures for handling cybersecurity incidents 
  • Coordination of cyber incident response activities
  • Issue guidelines, advisories, vulnerability notes and white papers relating to information security practices, procedures, prevention, response and reporting of cyber incidents
• National Cyber Coordination Centre (NCCC): It is a critical component of India’s cyber security against hackers and espionage as well as to track terrorist activity online. 

Conclusion

India needs an accountable national cyber security that provides clear mandates and empowering provisions. It should supervise and enforce policies across the country to strengthen the cyber security framwork.