Cyber Security
Contents
- Basics
- General Cyber Security Challenges
- Impact of Cyber attack- Different ways in which cyber attack damages
- Cyber Security situation in India
- Laws, Policies, Institutions, Initiatives to ensure Cyber Security in India
- Problems Associated with India’s Cyber Security System
- Way Forward and Conclusion
- Cyber Security threats from China, and Chinese Hardware and Software
- State’s Use of Non-State Actor in Cyberspace
Basics
Cyberspace is “the connected Internet Ecosystem”.
- Cyberspace today covers almost every crucial defence and civilian infrastructure including information technology network, banking and finance, transportation system, water supply etc.
- It has also emerged as the largest unregulated and uncontrolled domain in the history of mankind.
- It is the fifth potential theatre of warfare along with land, sea, air and space.
- Thus, protecting cyber space has become a very high priority for every government in the world.
Cyber Crime is a criminal activity that involves a computer and a network i.e., a criminal activity on the cyberspace.
- It involves offences committed against people/ organization/ governments with a criminal motive to cause physical or mental harm, or loss to victim directly or indirectly.
- It also threatens a nation’s security and financial health.
- Cyber criminals are getting sophisticated with each passing day and are wreaking havoc by defacing websites and stealing confidential and privileged data for financial gain.
Cyber Security is protecting our cyber space (critical infrastructure) from attack, damage, misuse and economic espionage.
It is a complex issue that cuts across multiple domains and calls for multi-dimensional, multilayered initiatives and responses.
General Cyber Security Challenges
i. Cyberspace has inherent vulnerabilities that can’t be removed.
- Innumerable entry points to internet
- Even if a few points are vulnerable, the whole system can be cyber attacked.
- The emergence of technologies like IoT, which connects various ‘things’ to the internet, increases the vulnerabilities of the internet.
- Increasing penetration of Internet with a large number of first-time users.
- Increasing connectivity of different sectors -> more data being stored digitally -> more vulnerability.
ii. Difficult to identify the source of attack.
- For e.g., CIA’s UMBRAGE project has advanced capabilities of misdirecting attribution to another nation-state (“false flag attacks”) by leaving behind false fingerprints.
iii. Fast evolving technologies
- This allows cyber attackers to quickly exploit vulnerabilities. Further, in the absence of timely updates, attack technologies surpass defence technologies, allowing exploitation of the vulnerabilities.
iv. Nation states, non-state actors, and individuals are at a peer level, all capable of waging attacks.
v. Some countries promote, shelter and encourage cyber-crime as a political tactic.
vi. Cyber criminals (hacking groups) have become very organized.
- They are part of the underground ecosystem that channels tools, expertise, and infrastructure in criminal operations that extract billions of dollars of profit from data theft, extortion, and fraud.
Impact of Cyber Attack- Different ways in which cyber attack damages
National Security: Cyber-attacks pose a major challenge to any country’s National Security.
- Cyber Espionage, Warfare, Terrorism etc. have emerged as a new challenge in India’s National Security.
- Cyber-attacks on India originating from China have increased manifold after the increased tensions on the borders.
- US-Israeli joint efforts had unleashed the Stuxnet Worm in 2010, which helped disable several hundred centrifuges at the Iranian nuclear facility in Natanz.
- Disabling of Critical Infrastructure such as telephone network, satellite system, financial services can be brought by Cyber-attack.
- For e.g., the malware ‘DTrack’ had breached a system at Kudankulam Power Plant.
Economic Loss – Financial Frauds
- Cybersecurity Ventures estimate the global annual cybercrime cost to be $6 trillion in 2021.
- Information Loss: The largest cost impact from cybercrime is information loss (39%).
- Business Disruption: Loss (36%)
- Information Warfare: It aims to impact the decision-making process of the target’s citizenry for advancing particular narratives.
- With Big data, Behavioural and predictive analytics and AI, the nature of warfare in cyberspace has evolved.
- Sixth Generation Warfare (6GW) applies ‘reflexive control’ aided by these developments to target in an individualized manner and change the beliefs of the leadership or citizenry of the adversary through mass data and behavioral analytics.
- Social Media has been used for:
- Fake news – promoting social tensions and harming national integrity.
- Radicalization of youth has been happening through online platforms.
- Honey trapping
- Data phishing
- Cyber Hacktivists
- They hack sites and servers to virally communicate the “message” for specific campaigns.
- Violation of Right to Privacy
- Individual’s personal data is disclosed on public platforms.
- Other Crimes: e.g., Online Abuse, Harassment, Stalking, Child Pornography etc.
Cyber Security situation in India
Steady spike in cybercrime in the past five years:
- As per NCRB, there were 12,317 cases of cybercrime in 2016, which increased to 50,035 in 2020.
- Late CoDS Bipin Rawat had said that cybercrime went up by 500% during the Pandemic.
Cybercrime increased drastically after the increased border tensions with China.
- Most of these attacks are DDoS, phishing, data exfiltration, remote access tool malware and keylogging (tracking every keystroke made by a user).
- Government websites and web portals have been the targets in the past too. What is different this time is that the attacks appear to be well planned and aimed at extracting information and sensitive data.
Laws, Policies, Institutions, Initiatives to ensure cyber security in India
A) Legal Framework
- Currently, the Information Technology Act, 2000 is the primary law for dealing with cyber crimes in India.
- Section 43 (Data Protection), Section 66 (hacking), Section 66B (punishment for illegally possessing stolen computer resource and communication devices), Section 67 (protection against unauthorized use of data), Section 69 (Cyber terrorism), etc. are some key provisions which cover Cyber Security.
B) National Cyber Security Policy 2013
Aim:
i. Protection of information infrastructure in cyberspace
ii. Reduce vulnerabilities.
iii. Build capabilities to prevent and respond to cyber threats.
iv. Minimize damage from cyber incidents through a combination of institutional structure, people, process, technology and cooperation.
Key Provisions
a. Institutional Framework to promote Cyber Security
- National Critical Information Infrastructure Protection Centre (NCIIPC): it is a 24X7 mechanism to deal with cyber threats and works under NTRO to safeguard critical infrastructure.
- CERT-IN has been designated as the nodal agency for coordination of crisis management. It will also coordinate and operationalize sector CERTs.
b. Developing Cyber-security Human Resource (creating a workforce of 5,00,00 professionals in 5 years)
c. Promote R&D
- More investment; industry-academia collaboration; setting up Centres of Excellence in cyber security areas; R&D in cutting-edge security tech; focus on indigenous development of cyber security solutions.
d. Promoting PPP and collaborative engagements through technical and operational co-operation
e. Each organization to promote cyber security through an information security policy and using only certified IT products.
f. Other provisions include updation of the legal framework; awareness programmes on cyber space; periodic review of the adequacy and effectiveness of cyber security infrastructure etc.
Need of Review
- Technological advancements in the field of Artificial Intelligence, 5G, Internet of Things etc. have made the 2013 policy outdated.
- Human Resource Development has been poor.
- Need of Governance Reform
- India has 35+ different central bodies to look after cyber issues. Each organization has its own reporting structure and CERT (Indian Computer Emergency Response Team). This plethora of agencies leads to confusion.
- Need of a Unified Cyber Security Framework across various regulators
- Need of a Cyber-Defence Agency – to implement the cyber defence strategy for national security.
- This should also provide for cyber commando forces to neutralize any cross border cyber terrorism or cyber-attack and help in development of specialized cyber police cadres in all state police departments.
Various Institutions and Initiatives:
- National Security Council (NSC) usually chaired by the NSA plays a key role in shaping India’s cyber policy ecosystem.
- National Information Board, also chaired by NSA, is meant to be the apex body to promote cross-ministry coordination on cybersecurity policymaking.
- National Critical Information Infrastructure Protection Centre established under the NTRO in Jan 2014 is mandated to facilitate the protection of critical informational infrastructure.
- The Indian Computer Emergency Response Team (CERT-IN) is the national nodal agency which responds to various cyber security threats to non-critical infrastructure.
- Ministry of Defence (MoD) has established a Defence Cyber Agency, a tri-service command of the Indian armed forces to coordinate and control joint cyber operations and craft India’s Cyber doctrine.
- Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre): It has been launched for detection of malicious software programmes and to provide free tools to remove the same.
- Cyber AASHVAST: India’s first Cyber Crime Prevention Unit
Other Initiatives to Promote Cyber Security in India
1. Awareness Generation
- Cyber Surakshit Bharat Initiative
- It was launched in 2018 to promote awareness about cyber-crimes and building capacity for safety measures for Chief Information Security Officers (CISOs) and frontline IT staff across all government departments.
2. PMGDISHA
3. All the new government websites and applications are audited prior to hosting and on a regular basis after hosting.
4. Increased International Cooperation
- The second ASEAN-India Track 1.5 Dialogue on Cyber Issues was held in Oct 2020.
- India also signed Memorandum of Cooperation with Japan in the field of Cybersecurity.
- Quad countries also have agreed for cooperation on Cyber-Security
Problems associated with India’s Cyber Security System
1. Cyber Security Policy, 2013 and IT Act need to be updated to ensure that they remain fast tracked.
2. No Procedure Code for the investigation of Cyber or computer-related offences:
- As electronic evidence is entirely different in nature when compared to evidence of traditional crime, laying down standard and uniform procedures to deal with electronic evidence is essential.
3. Lack of coordination among the various institutions involved in cyber security.
- We don’t have a unified national cyber security architecture. There are too many agencies which have led to concerns around effective coordination, overlapping responsibilities and lack of clear institutional boundaries and accountability.
4. Lack of trained manpower / Lack of focus on cyber security in educational and research institutes.
- In June 2023, a report by Team Lease Digital said that India had 40,000 job openings in the field of cyber security, but 30% of these vacancies couldn’t be filled due to huge skill shortage.
5. Dependency on ICT Imports
- Main hardware attacks can be manufacturing backdoors, hardware tampering etc.
- Further, lack of digital solutions like data-sharing facilities and social media platforms has adversely impacted the nation’s self-reliance and cyber security.
6. Lack of awareness among the public regarding cyber security and its significance.
- According to a survey by security solutions provider NortonLifeLock, around 52% adults admitted that they don’t know how to protect themselves from cybercrime.
7. Rapidly changing technology
8. Use of Substandard Devices and rampant use of unlicensed software increases cyber security vulnerabilities in India.
9. Lack of private investment
10. India’s cyber capabilities are mostly defensive and lack offensive power.
- A cyber arsenal is also needed for strategic deterrence and this will also enhance our defensive approach.
11. Almost Complete absence of Cyber Security Framework at state level in many states
12. Absence of ‘Global Cyber Norms’ which can balance the competing demands of national sovereignty and transnational connectivity.
Way Forward and Conclusion
Reform policy, laws – Both Cyber Security Policy 2013 and the IT Act, 2000 don’t fully sync with today’s cyber threat.
- The new cyber security policy should also ensure coherence and coordination between various institutions.
- It’s high time that data privacy laws are prioritized by the legislature.
Human Resource Development
- Skill shortage has to be dealt with high priority:
- Fill all the relevant positions with cyber security experts.
- States should set up a special cyber police station in each district or range, having technically qualified staff in every police station.
Upgrade Cyber Labs:
- Cyber forensic labs of states must be upgraded with the advent of new technologies.
- The state of art, National Cyber Forensic Lab and the Cyber prevention, Awareness and Detection Centre (CyPAD) of the Delhi Police should also be asked to extend professional help to state labs.
Focus on Infrastructure and More R&D in the sector.
- Focus on how AI and ML can boost cyber defenses.
- Promote cutting edge technology growth in the country to reduce dependency on imports of ICT.
Enhancing Cyber Warfare Capabilities:
- These enhancements would be technological, organizational, and human, employed for cyber offence, cyber defence, cyber deterrence, or a combination of these.
- Developing offensive deterrence capabilities
- Specialized cyber security cells are needed in police departments of each state.
Promote Cyber Hygiene –
- Ensure security in imported ICT devices.
- Set up Trust Centres (labs) to determine the level of trustworthiness of ICT vendors.
- Nurturing young netizens through digital civics. Regular updates of hardware and software, regular password changes etc.
Reduce dependency on imported ICT devices.
- Promote ICT manufacturing in the country.
Promote the role of Private Players
- Encourage startups in the field of social networking, cloud computing etc.
- Private sector should get involved in more industry-focused processes such as the Microsoft-initiated Cybersecurity Tech Accord and the Siemens-led Charter of Trust.
Increasing International Cooperation to develop Cyber Norms.
- Acceding to the Budapest Convention, or Convention on Cybercrime of the Council of Europe (CETS No. 185), which started as a European initiative but has attracted others, is an option that India should examine.
- Further, International agreements should provide a binding obligation on ‘red lines’ with respect to cyberspace-targets that should be considered illegitimate due to their significance for human life, such as health-care systems, electricity grids, water supply and financial systems.
Prepare for implication of Quantum Computing on Cyber security.
Protect the country from informational (6th Generation) warfare: Measures to reduce foreign data collection; sectoral data localization; enact the data protection bill; integrate this modern form of warfare while developing India’s security strategy.
Conclusion
- In India, it is imperative for our national security that cyber networks, software and cyber-physical systems, and platforms should be cyber-secure. This requires a judicious mix of people, policies and technologies, as well as robust Public Private Partnership.
- Various institutions need to be strengthened to bring in a much-needed synergy among various institutions and to work out a coordinated approach to cyber security, including cyber deterrence.
Cyber Security threats from China, and Chinese Hardware and Software
In 2018, CERT-IN (Computer Emergency Response Team – India) reported that China was responsible for 35% of the total number of cyber-attacks on official Indian websites. Military forces suspect that these attacks have increased substantially after the Galwan clashes.
Recent Example of Chinese Cyber Attacks:
- Cyber-attack on AIIMS in Dec 2022, which may have compromised data of 3-4 crore patients.
- Attack on Ladakh Power Grid in April 2022.
- Earlier in 2021, Chinese state-backed hackers’ group had targeted the IT system of two Indian vaccine makers – Bharat Biotech and Serum Institute of India (SII)
- The Oct 2020 Mumbai power outage was also a result of multiple malware deployed by Chinese group RedEcho.
Various types of Cyber threats from China:
- Direct Cyber-attacks – Hacking, DDoS, Phishing, etc.
- Threats from Chinese apps and hardware
- Smart Technology also poses security risks: SMART products encompass the range of everyday technology that is being operated across residential and office spaces in India. These include CCTVs, air conditioners, refrigerators, coffee machines, printers etc. Even the western produced devices depend on data sensors, modules and transmitters.
- In the UK, a report sent to the government explains that these Chinese components can be used to track the movements of intelligence officers and ministers. They can also be used for stifling industrial activities.
Key steps taken:
- Ban on several Chinese apps and technology due to data leaks, vulnerabilities, and national security risks that they pose.
- In 2020, India started banning Chinese applications which now cover more than 250 applications.
- Examples of Chinese firms under wider scrutiny in India
- Exclusion from 5G telecom trials
- Increasing restrictions on research collaboration
- Income Tax Searches
Way Forward:
- Work on outlining technical evidence to prove that the attacks are from China.
- Complete analysis of Chinese products (apps, software, SMART products etc.) being used in India.
- Work on developing competitive replacements to Chinese firms.
- Expand Cyber Defence and Cyber Offensive Capabilities to counter these cyber-attacks.
- Other suggestions to strengthen Cyber Security
Example Questions:
“Adequate measures need to be adopted to strengthen India’s cyber defence as it has become increasingly susceptible to Chinese Cyber Attacks.” Elaborate [10 marks, 150 words]
State’s Use of Non State Actor in Cyberspace
Introduction:
- A Cyber non-state actor is an entity with no specific physical territory or territorial sovereignty that operates in cyberspace. It can include individuals, groups, or organizations that operate independently or in association. Non-state actors can significantly threaten governments, businesses, and individuals.
Why do states choose non-state actors?
Protect themselves: Though cyberspace ensures anonymity, non-state actors provide additional protection to the states during cyberattacks, as they can claim plausible deniability and avoid blame to evade indictment.
- For instance, North Korea uses Bureau 121, a hacking group, to carry out cyberattacks primarily against South Korea while maintaining a certain distance from their repercussions.
Other factors include lack of national capabilities, lack of resources, lack of national talent pool etc.
Examples of non-state actors:
Implications:
- Cyberspace and non-state actors have reduced the gap between the well-off country and a developing country in terms of their capability to attack.
- Non state actors are also used for strengthening cyber defences.
Threats:
- The non-state actors also have a very disruptive and destabilizing nature.
- They can also be a threat to democratic process – for instance cyber mercenary group Team Jorge claims to have interfered in 27 Presidential-level campaigns worldwide through hacking, disinformation, planting fake intelligence etc.
What should be done?
- International Treaty – Against using non-state actors for cyber-attacks (use can be allowed for strengthening defences)
- Legislation is necessary to curtail activities of non-state actors.
- Strengthen own Cyber Offence and Defence Capabilities.
Conclusion:
As geopolitical rivalries deepen with time, the use of non-state actors is only set to grow. It is important that the nation states come to an international agreement against the use of non-state actors.
PYQs of last 22 Years
- What are the different elements of Cyber Security? Keeping in view the challenge in cyber security, examine the extent to which India has successfully developed a comprehensive National Cyber Security Strategy (Answer in 250 words)
- Keeping in view India’s Internal Security, analyze the impact of cross-border cyber-attacks. Also discuss defensive measures against these sophisticated attacks. [10 marks, 150 words]
- Discuss the types of Cybercrime and measures required to be taken to fight the menace [10 marks, 150 words] [Mains 2020]
- What is CyberDome project? Explain how it can be useful in controlling internet crimes in India. [10 marks, 150 words] [Mains 2019]
- Discuss the potential threat of cyber-attacks and the security framework to prevent it. [10 marks, 150 words] [Mains 2017]
- Considering the threats cyberspace poses for the country, India needs a “Digital Armed Force” to prevent crimes. Critically evaluate the National Cyber Security Policy, 2013 outlining the challenges perceived in its effective implementation. [200 words, 12.5 marks] [Mains 2015]
- Cyber warfare is considered by some analysts to be larger threat than even Al-Qaeda or terrorism. What do you understand by Cyber Warfare? Outline the cyber threats which India is vulnerable to and bring out the state of the country’s preparedness to deal with the same. [200 words, 10 marks] [CSM 2013]