Cyber Security Analysis

It is a criminal activity that either targets or uses a computer, a computer network or a networked device. Most cybercrime is committed by cybercriminals or hackers who want to make money.

• Cybercrime can be carried out by individuals or organizations, some are organized, use advanced techniques and are highly technically skilled.

Types-

• • Email and internet fraud.
  • Identity fraud- Personal information is stolen and used.
  • Cyberextortion- Demanding money to prevent a threatened attack.
  • Cryptojacking- Hackers mine cryptocurrency using resources they do not own.
  • Cyberespionage- Hackers access government or company data.
  • Infringing copyright, illegal gambling etc.,

Policy

The National Cyber Security Policy is a policy document drafted by the Department of Electronics and Information Technology (DeitY), Ministry of Communication and Information Technology in 2013 aimed at protecting the public and private infrastructure from cyber attacks. The guideline also seeks to protect the personal information of internet users, financial and banking information, and sovereign data.

In 2020, the National Cyber Security Strategy was conceptualised by the Data Security Council of India (DSCI) headed by Lt General Rajesh Pant. The report focused on 21 areas to ensure a safe, secure, trusted, resilient, and vibrant cyberspace for India.

The Policy is aimed at building a secure and resilient cyberspace for citizens, businesses and the Government. Its mission is to protect cyberspace information and infrastructure, build capabilities to prevent and respond to cyber-attacks, and minimise damages through coordinated efforts of institutional structures, people, processes, and technology.

The objectives of the policy include creating a secure cyber ecosystem, compliance with global security standards, strengthen the regulatory framework, creating round the clock mechanisms for gathering intelligence and effective response, operation of a National Critical Information Infrastructure Protection Centre for 24×7 protection of critical information infrastructure, research and development for security technologies, create a 500,000 strong cyber security workforce, to provide fiscal benefits to businesses for adopting cyber security practices, to build public private partnerships for cooperative cyber security efforts.

In brief, the National Cyber Security Policy covers the following aspects:

• A vision and mission statement aimed at building a secure and resilience cyberspace for citizens, businesses and Government.
• Enabling goals aimed at reducing national vulnerability to cyber attacks, preventing cyber attacks & cyber crimes, minimising response & recovery time and effective cybercrime investigation and prosecution.
• Focused actions at the level of Government, public-private partnership arrangements, cyber security related technology actions, protection of critical information infrastructure and national alerts and advice mechanism, awareness & capacity building and promoting information sharing and cooperation.
• Enhancing cooperation and coordination among all the stakeholder entities within the country.
• Objectives and strategies in support of the National Cyber security vision and mission.
• Framework and initiatives that can be pursued at the Government level, sectoral levels as well as in public-private partnership mode.
• Facilitating monitoring key trends at the national level such as trends in cyber security compliance, cyber attacks, cyber crime and cyber infrastructure growth.

National Cyber Security Policy: Strategies

• Creating a secure cyber ecosystem through measures such as a national nodal agency, encouraging organisations to designate a member of senior management as the Chief Information Security Officer and develop information security policies.
• Creating an assurance framework .
• Encouraging open standards.
• Strengthening the regulatory framework coupled with periodic reviews, harmonization with international standards, and spreading awareness about the legal framework.
• Creating mechanisms for security threats and responses to the same through national systems and processes. National Computer Emergency Response Team (CERT-in) functions as the nodal agency for coordination of all cyber security efforts, emergency responses, and crisis management.
• Securing e-governance by implementing global best practices, and wider use of Public Key Infrastructure.
• Protection and resilience of critical information infrastructure with the National Critical Information Infrastructure Protection Centre operating as the nodal agency.
• To promote cutting edge research and development of cyber security technology.
• Human Resource Development through education and training programs to build capacity.

Reasons for increasing Cyber Attacks

• Adverse relations with China:
  • China is considered one of the world leaders in information technology.
  • Therefore, it is expected to have capabilities to disable or partially interrupt the information technology services in another country.
  • Combined with the recent border standoff and violent incidents between the armies of the two countries, the adversity in relations is expected to spill over to attacking each other’s critical information infrastructure.

3955502345967. and covert warfare:
               • Unlike conventional warfare with loss of lives and eyeball to eyeball situations, cyber warfare is covert warfare with the scope of plausible deniability, i.e., the governments can deny their involvement even when they are caught.
               • Similarly, even a small nation with advanced systems and skilled resources can launch an attack on a bigger power, without the fear of heavy losses.
1. dependency on technology:
   • As we grow faster, more and more systems are being shifted to virtual space to promote access and ease of use.
   • However, the downside to this trend is the increased vulnerability of such systems to cyber-attacks.

Issues with Cyber Security

• Low digital literacy among the public: While India is considered the world leader in the technology industry, the general level of awareness in India about internet etiquette is low.
• Vulnerable points in the system: sometimes the third-party apps have built-in back door entry or may have malware attached to their installation file. Such issues can be addressed by effective user account control and careful monitoring of the system.
• State-sponsored Cyber Attacks: The problem with such state-sponsored attacks is the unlimited funding received by the hackers to break into the foreign systems.
• It is a continuous process: Cyber-attacks, by their very nature, are innovative and creative. They continue to evolve, and the next attack is more advanced than its previous version.
• Novel issues: Because of the ever-changing and fast evolving nature of technology, new issues keep creeping up in the IT sector.

Challenges Posed by Cyber Attacks on India?

• Critical Infrastructure Vulnerability: India’s critical infrastructure, such as power grids, transportation systems, and communication networks, is vulnerable to cyber attacks that can disrupt essential services and endanger public safety and national security.
  • For example, in October 2019, there was an attempted cyber-attack on the Kudankulam Nuclear power plant.
• Financial Sector Threats: The financial sector in India faces a high risk of cyberattacks from cybercriminals who seek to profit from stealing or extorting money. Attacks on banks, financial institutions, and online payment systems can cause financial losses, identity theft, and a loss of trust in the financial system.
  • For instance, in March 2020, a malware attack on the City Union Bank’s SWIFT system led to unauthorised transactions worth USD 2 million.
• Data Breaches and Privacy Concerns: As India moves towards a digital economy, the amount of personal and government data stored online increases. This also increases the risk of data breaches, where hackers access and leak sensitive information. Data breaches can have serious consequences for the privacy and security of individuals and organisations.
  • For example, in May 2021, the personally identifiable information (PII) and test results of 190,000 candidates for the 2020 Common Admission Test (CAT), used to select applicants to the IIMs, were leaked and put up for sale on a cybercrime forum.
• Cyber Espionage: Cyber espionage is the use of cyber attacks to spy on or sabotage the interests of other countries or entities. India, like other countries, is a target for cyber espionage activities that aim to steal confidential information and gain a strategic edge. Cyber espionage can affect India’s national security, foreign policy, and economic development.
  • For example, in 2020, a cyber espionage campaign called Operation SideCopy (a Pakistani threat actor) was uncovered, which targeted Indian military and diplomatic personnel with malware and phishing emails.
• Advanced Persistent Threats (APTs): APTs are complex and prolonged cyber attacks, usually carried out by well-resourced and skilled groups. These attacks are designed to infiltrate and remain hidden in the target’s network for a long time, allowing them to steal or manipulate data, or cause damage.
  • APTs are difficult to detect and counter, as they use advanced techniques and tools to evade security measures.
  • For example, in February 2021, a cyber security firm called RedEcho revealed that a China-linked APT group had targeted 10 entities in India’s power sector, with malware that could potentially cause power outages.
• Supply Chain Vulnerabilities: Supply chain vulnerabilities refer to the weaknesses in the software or hardware components that are used by government and businesses for their operations. Cyber attackers can exploit these vulnerabilities to compromise the systems and services that depend on these components, and cause widespread damage.
  • For example, in December 2020, a global cyberattack on SolarWinds, a US-based software company that provides network management tools, affected several Indian organisations, including the National Informatics Centre (NIC), the Ministry of Electronics and Information Technology (MeitY), and Bharat Heavy Electricals Limited (BHEL).

Initiatives Regarding Cyber Security?

• National Cyber Security Policy: This policy aims to build a secure and resilient cyberspace for citizens, businesses, and the government. It outlines various objectives and strategies to protect cyberspace information and infrastructure, build capabilities to prevent and respond to cyber attacks, and minimise damages through coordinated efforts of institutional structures, people, processes, and technology.
• Cyber Surakshit Bharat Initiative: This initiative was launched to raise awareness about cyber crimes and create safety measures for Chief Information Security Officers (CISOs) and frontline IT staff across all government departments.
• Indian Cyber Crime Coordination Centre (I4C): This centre was established to provide a framework and eco-system for law enforcement agencies to deal with cyber crimes in a comprehensive and coordinated manner. It has seven components, namely:
  • National Cyber Crime Threat Analytics Unit
  • National Cyber Crime Reporting Portal
  • National Cyber Crime Training Centre
  • Cyber Crime Ecosystem Management Unit
  • National Cyber Crime Research and Innovation Centre
    National Cyber Crime Forensic Laboratory Ecosystem
  • Platform for Joint Cyber Crime Investigation Team.
• Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre): This centre was launched in 2017 to create a secure cyberspace by detecting botnet infections in India and notifying, enabling cleaning and securing systems of end users to prevent further infections.
• Computer Emergency Response Team - India (CERT-In): It is an organisation of the MeitY which collects, analyses and disseminates information on cyber incidents, and also issues alerts on cybersecurity incidents.
• Critical information infrastructure (CII): It is defined as a computer resource, the destruction of which, shall have debilitating impact on national security, economy, public health or safety.
  • The government has established the National Critical Information Infrastructure Protection Centre (NCIIPC) to protect the CII of various sectors, such as power, banking, telecom, transport, government, and strategic enterprises.
• Defence Cyber Agency (DCyA): The DCyA is a tri-service command of the Indian Armed Forces that is responsible for handling cyber security threats. It has the capability to conduct cyber operations, such as hacking, surveillance, data recovery, encryption, and countermeasures, against various cyber threat actors.