The Prayas ePathshala

Exams आसान है !

23 July 2024 – The Hindu

Facebook
LinkedIn
WhatsApp

Issues associated with Cybersecurity in India

  • India is not an exception to the growing threat of cyberattacks as the world becomes more digitally advanced. A US company called Resecurity alerted the globe in October 2023 to the existence of Indian personal data on the dark web. With all of the negative news flooding our news feeds, it would have been simple to overlook this, but for the volume and sensitive nature of the data. The data set supplier was offering sensitive, verifiable information on about 81.5 crore (or 55% of India’s population) of residents.
  • This contained details that might be used to identify an individual, such as name, phone number, passport number, Aadhaar number, and address. All for the pitiful amount of US$80,000. In this case, Delhi police placed four people under arrest on December 18.

To what extent is India open to cyberattacks?

  • More over 52% of India’s population, or 759 million individuals, accessed the internet at least once a month in 2022, indicating the country’s sizable and expanding internet user base.
  • After China, India has the second-largest online market globally.
  • It is anticipated that by 2025, there would be 900 million.
  • India’s digital economy is growing quickly, and industries including healthcare, education, finance, retail, and agriculture all depend on internet platforms and services.
  • India, however, faces sophisticated and persistent cyber threats from state-sponsored and non-state actors that target India’s strategic, economic, and national interests due to its antiquated or inadequate cyber security policies, infrastructure, and awareness, which make it easy for hackers to exploit the gaps and weaknesses in the system.

What Difficulties Do Cyberattacks Present for India?

  • Critical Infrastructure Vulnerability: India’s critical infrastructure, including its communication networks, power grids, and transportation systems, is susceptible to cyberattacks that might jeopardise national security and important services and cause disruptions.
  • For instance, the Kudankulam Nuclear Power Plant was the target of an attempted cyberattack in October 2019.
  • Threats to the Financial Sector: Cybercriminals who aim to make money by stealing or extorting money pose a serious threat to India’s financial sector. Financial losses, identity theft, and a decline in confidence in the financial system can result from attacks on banks, financial institutions, and online payment systems.
  • For example, in March 2020, illegal transactions of USD 2 million were caused by a malware assault on the SWIFT system of the City Union Bank.
  • Data Breaches and Privacy Issues: With India transitioning to a digital economy, there is a rise in the quantity of private and public data being kept online. Additionally, this raises the possibility of data breaches, in which unauthorised users get and divulge private data. Data breaches can have detrimental effects on an organization’s and an individual’s security and privacy.
  • The test results and personally identifiable information (PII) of 190,000 applicants for the 2020 Common Admission Test (CAT), which is used to choose applicants to the IIMs, were, for instance, hacked and offered for sale on a cybercrime site in May 2021.
  • Cyber Espionage: The use of cyberattacks to spy on or undermine the objectives of other nations or organisations is known as cyberespionage. Like other nations, cyber espionage operations target India in an effort to obtain a tactical advantage and steal sensitive data. India’s foreign policy, economic growth, and national security are all susceptible to the effects of cyber espionage.
  • For instance, Operation SideCopy, a cyberespionage effort spearheaded by a Pakistani threat actor, was discovered in 2020 and involved the use of malware and phishing emails to target Indian military and diplomatic personnel.
  • Advanced Persistent Threats (APTs): APTs are lengthy, intricate cyberattacks that are typically executed by highly trained and resourceful organisations. These assaults are made to sneak into the target’s network and stay undetected for an extended period of time, giving them the opportunity to harm or steal data.
  • Because APTs employ sophisticated methods and instruments to get beyond security systems, they are challenging to identify and counter.
  • For instance, in February 2021, RedEcho, a cyber security company, disclosed that eleven firms in the Indian power sector were the target of malware from an APT group with ties to China, which may have resulted in power disruptions.
  • Supply Chain Vulnerabilities: The term “supply chain vulnerabilities” describes flaws in the hardware or software that businesses and the government employ to run their operations. Cybercriminals may take advantage of these weaknesses to breach the services and systems that these components are a part of, resulting in extensive harm.
  • In December 2020, for instance, a worldwide cyberattack on the software company SolarWinds, based in the United States and offering network management tools, had an impact on a number of Indian organisations, such as the Ministry of Electronics and Information Technology (MeitY), Bharat Heavy Electricals Limited (BHEL), and the National Informatics Centre (NIC).
  • What Cyber Security Initiatives Are There?
  • The National Cyber Security Policy seeks to create a safe and dependable cyberspace for individuals, organisations, and the government. In order to limit losses through the coordinated efforts of institutional structures, people, processes, and technology, it describes several objectives and strategies to secure cyberspace information and infrastructure, establish skills to prevent and respond to cyberattacks, and defend cyberspace infrastructure.
  • The Cyber Surakshit Bharat Initiative was started with the goal of educating government agencies’ frontline IT workers and chief information security officers (CISOs) about cybercrimes and developing safety protocols for them.
  • The Indian Cyber Crime Coordination Centre (I4C) was founded to give law enforcement organisations a framework and ecosystem for responding to cybercrimes in a thorough and coordinated manner.

Its seven elements are as follows:

  • Threat Analytics Unit for National Cybercrime.
  • National Portal for Reporting Cybercrimes.
  • National Centre for Cybercrime Training.
  • Ecosystem Management Unit for Cybercrime.
  • National Centre for Cybercrime Innovation and Research.
  • The ecosystem of the National Cyber Crime Forensic Laboratory.
  • Joint Cyber Crime Investigation Team Platform.
  • In order to create a secure cyberspace, the Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre) was established in 2017. Its mission is to detect botnet infections in India and warn users so that their computers can be cleaned and secured to avoid new infections.
  • The MeitY’s Computer Emergency Response Team – India (CERT-In) gathers, examines, and distributes data on cyber incidents and also sends out alerts regarding cybersecurity incidents.
  • Critical information infrastructure (CII) is any computer resource whose loss would have a crippling effect on the economy, public health, safety, or national security.
  • To safeguard the critical information infrastructure (CII) of numerous industries, including power, banking, communication, transportation, government, and strategic enterprises, the government established the National Critical Information Infrastructure Protection Centre (NCIIPC).
  • The Indian Armed Forces’ Defence Cyber Agency (DCyA) is a tri-service body tasked with managing cyber security threats. It is capable of carrying out cyber operations against different cyber threat actors, including hacking, surveillance, data recovery, encryption, and countermeasures.
  • What More Can India Do to Protect Itself Against Cyberattacks?
  • Strengthening the Current Legal Framework: The Information Technology (IT) Act of 2000, which has been modified numerous times to address new issues and dangers, is the main piece of legislation in India that governs cybercrimes.
  • The low conviction rate of cybercriminals and the absence of precise definitions, processes, and sanctions for various cyberoffences are just two examples of the gaps and shortcomings in the IT Act.
  • Cybersecurity legislation that address cyberterrorism, cyberwarfare, cyberespionage, and cyberfraud must be updated and comprehensively enacted in India.
  • Improving Cyber Security Capabilities: The National Cyber Security Policy, Cyber Cells and Cybercrime Investigation Units, Cyber Crime Reporting Platforms, and Capacity Building and Training programmes are just a few of the policies and efforts India has put in place to strengthen its cyber security.
  • But given India’s lack of technical manpower, cyber forensics facilities, cyber security standards, and stakeholder coordination, these initiatives remain insufficient and dispersed.
  • India must make greater investments in the development of its technological and human capital, in the creation of centres of excellence for cyber security, in the adoption of best practices and standards, and in the promotion of cooperation and information exchange across various departments and industries.
  • Create a Cybersecurity Board: Following a major cyber incident, India needs to create a cyber security board with representatives from the public and commercial sectors. This board would be able to meet, assess the events, and offer specific recommendations for enhancing cybersecurity.
  • Implement a zero-trust architecture and require the use of a standardised playbook for handling cybersecurity incidents and vulnerabilities. Implement a plan as soon as possible to update the state’s incident response policy and to protect and modernise its networks.
  • Increasing International Cooperation: Since cyberattacks affect people worldwide and cross national borders, India is not the only country dealing with cyber security issues.
  • India must collaborate more with other nations and international organisations, including the Global Forum on Cyber Expertise, the International Telecommunication Union, the United Nations, and Interpol, in order to share threat intelligence, exchange best practices, harmonise cyber laws and norms, and support cyber investigations and prosecutions.
  • In order to foster trust and confidence as well as address shared cyber security concerns and interests, India also has to be more actively involved in regional and bilateral conversations and initiatives, such as the BRICS, the ASEAN Regional Forum, and bilateral forums like the Indo-US Cyber Security Forum.

Select Course

Other Imoprtant Articles:

Let’s Connect !

To get more information just share your name and mobile number. We’ll talk to you.

Prayas Toppers

The Prayas India

About Us

Contact Us

Fee Pay

Terms of Services

Privacy Policy

Pricing Policy

Refund Policy

Join Community

Activity

Groups

Forum

Learners

Webinar

Work With Us :)

Programs

UPSC

MPSC

NDA – CDS

Bank – SSC – RRB

MBA Entrance

Law Entrance

Notes & Materials

Let’s connect

The Prayas Centres: Click Here
Mail Us: theprayasindia@gmail.com
Call Us: +91 8355951603
WhatsApp Us: +91 7710013217

Follow Us

Facebook Instagram Twitter Youtube

© 2024 The Prayas India