ForumIAS announcing GS Foundation Program for UPSC CSE 2025-26 from 18th June. Click Here for more information.
Contents
Context:The recent ransomware attack targeting SpiceJet has put a spotlight on one of India’s biggest cyber-vulnerabilities.
Why India needs to strengthen its cybersecurity architecture?
Both government services and private sector businesses have moved en masse into the digital space, and their efforts have been embraced enthusiastically by India’s 780 million broadband users.
This means millions of Indian websites gather sensitive data, with the Unified Payments Interface (UPI) processing close to 5 billion transactions per month. Many of these apps and websites, and the databases at their back-end, are insecure.
All are juicy targets because they contain huge amounts of sensitive personal data.
Moreover, reports by various global IT security providers confirm that India is a favourite destination for digital bad actors.
– It is believed to be the third-largest nation in terms of being the target of attacks. Known victims include Air India, SpiceJet, sundry logistics and shipping services, power utilities, and banking and health care sites.
– According to the cybersecurity company Trellis, ransomware attacks targeting India jumped by 70% year-on-year in the fourth quarter (January-March 2022). In a large majority of known cases, human error allowed initial entry and exploitation.
How does a ransomware work?
Ransomware injects malicious code that encrypts the website and locks the owner out.
Then the bad actor demands ransom payment to decrypt and allow the owner access again.
During this process, the data available may also be copied, which creates new potential targets.
What are the challenges involved?
A complicated legal situation: The legal situation is complicated because India doesn’t have a private data protection law, which means redress for the victims may be unavailable.
Under-reporting: As, no service provider, government or private, wishes to suffer the loss of credibility that’s involved in being publicly hacked, it means under-reporting.
What is the way forward?
There are many things organisations may do to make themselves less vulnerable –
a) Secure data, whether it’s stored on the cloud or on their own servers.
b) Identify and firewall the sensitive parts of their networks from the customer-facing bits.
c) Ensure that access to the sensitive parts is controlled by multi-factor authentication.
d) Ensure that internal communications, and transactions with sensitive information, are end-to-end encrypted.
e) Actively probe their own networks for possible vulnerabilities.
f) Build in redundancy, so that if their servers are attacked by ransomware, they can rapidly reload necessary systems and data.
Above all, the stakeholders in the Indian digital ecosystem need to educate users and employees about cybersecurity. This has to be a cooperative process involving many private and government organizations, and it should be led by the Indian Computer Emergency Response Team.
Source: This post is based on the article “Cyber safety” published in Business Standard on 29th May 22.
