Cyber Security in India

Context: Data privacy, security, cybercrime and related issues, currently under the purview of the IT ministry, may soon be overseen by the Telecom Regulatory Authority of India (TRAI) and the Telecom Commission (TC)

What is cyber space?

It is an electronic world created by interconnected networks of information technology and the information on those networks.

What is cyber security?

Cyber security or information technology security are the techniques of protecting computers, networks, programs and data from unauthorized access or attacks that are aimed for exploitation.

Cyber Security scenario in India

• India ranks 3rd in terms of the highest number of internet users in the world after USA and China, the number has grown 6-fold between 2012-2017 with a compound annual growth rate of 44%. (NITI Aayog)
• India was ranked among the top five countries to be affected by cybercrime, according to a 22 October report by online security firm “Symantec Corp”.India was ranked second globally when it comes to spam and phishing (misleading emails, weblink etc.)
• As per a report by Indian Computer Emergency Response Team (CERT-In), more than 53,000 cyber security incidents took place in India in 2017
• As per the data by NCRB (National Crime Record Bureau), 12317 cases related to cybercrime were registered in 2016.
• India ranked 23rd out of 165 nations in the second Global Cybersecurity Index (GCI)

Note: The GCI measures the commitment of nations across the world to cyber security. The Index is released by the UN telecommunications agency International Telecommunication Union (ITU).

Recent Cyber Attacks in India

Cyber threats

Cyber threats can be disaggregated, based on the perpetrators and their motives, into four: cyber espionage, cyber warfare, cyberterrorism, and cyber crime

1. Cyber espionage: Intelligence gathering and data theft. Examples of this were Titan Rain and Moonlight Maze
2. Cyber warfare: It involves the actions by a nation-state or international organization to attack and attempt to damage another nation’s computers or information networks.
3. Cyber terrorism: It is premeditated, politically motivated attack against information, computer systems, computer programs, and data which results in violence
4. Cybercrime: Itis any criminal activity that involves a computer, networked device or a network.

India’s Approach to Cyber security

The Information Act, 2000 (amended in 2008) is the primary law for dealing with cybercrime and digital commerce in India.

In the Information Technology Act, cybersecurity is exercised under:

National Cyber Security Policy, 2013: The policy provides the vision and strategic direction to protect the national cyberspace. The major objectives of the policy are:

• To create secure cyber-ecosystem and enable adequate trust and confidence in electronic transactions and also guiding stakeholder’s actions for protection of cyber space.
• To create an assurance framework for design of security policies and enable actions for compliance of global standards.
• To strengthen regulatory framework for ensuring secure cyber ecosystem.
• To develop suitable indigenous technologies in ICT sector.
• To increase the visibility of integrity of ICT product by establishing infrastructure for testing and validation of security of such product.

Draft National Encryption Policy, 2015: It aims to enable information security environment and secure transactions in Cyber Space for individuals, businesses, Government including nationally critical information systems and networks.

Note: Encryption is the process of encoding messages or information in such a way that only authorized parties can read it. The purpose of encryption is to ensure that only somebody who is qualified to access data (e.g. a text message or a file) will be able to read it, using the decryption key

Institutions

National Cyber Security Coordination Centre (NCCC): The NCCC is mandated to perform real-time threat assessment and create situational awareness of potential cyber threats to the country. It was made operational in August 2017.

National Critical Information Infrastructure Protection Centre (NCIIPC):

• The organisation was created under section 70A of the IT Act.
• It is designated as a national nodal agency in respect of critical information infrastructure protection. It aims to protect and safeguard critical information infrastructure (CII) against cyberterrorism, cyberwarfare and other threats

The CERT-In (Cyber Emergency Response Team – India)

• CERT-In is operational since 2004. It is the national nodal agency for responding to computer security incidents as and when they occur.
• Since Nov 2012, DG of CERT-In is called the National Cyber Security Coordinator (NCSC)

National Technical Research Organization

• Set up in 2004, it is a technical intelligence agency under the National Security Adviser in the Prime Minister’s Office, India.
• It also includes National Institute of Cryptology Research and Development (NICRD)

National Critical Information Infrastructure Protection Centre (NCIIPC)

• It is an organisation of the Government of India created under Sec 70A of the Information Technology Act, 2000 (amended 2008)
• The NCIIPC under NTRO released the “Guidelines for Securing the National Critical Information Infrastructures” (NCII) of the country. It has identified critical information infrastructures like power and energy, transportation, banking/finance and insurance, telecommunication, defence, space, public health, e-governance etc., the NCIIPC guidelines created a broad framework for securing these infrastructures all over the country

Note: Critical Information Infrastructure (CII) is that ICT infrastructure upon which core functionality of Critical Infrastructure is dependent.

Indian Cyber Crime Coordination Centre (I4C):

The Union Government has decided to set up 14C. It will be apex coordination centre to deal with cybercrimes based in New Delhi. It will coordinate with State governments/UTs and closely monitor cyberspace and social media with due emphasis on vernacular content.

Cyber Forensic Laboratory

The Cyber Forensic Laboratory and Digital Imaging Centre functioning under CFSL assists enforcement agencies in the collection and forensic analysis of electronic evidence.

Initiatives:

Cyber Swachhta Kendra: Launched in early 2017, the Cyber Swachhta Kendra provides a platform for users to analyse and clean their systems of various viruses, bots/ malware, Trojans, etc.

Cyber Surakshit Bharat:

• Ministry of Electronics and Information Technology (MeitY), launched the Cyber Surakshit Bharat initiative in association with National e-Governance Division (NeGD) in 2018.
• It aims to spread awareness about cybercrime and building capacity for safety measures for Chief Information Security Officers (CISOs) and frontline IT staff across all government departments.

The Cyber Warrior Police Force:

• In January 2018, the government announced its plans to introduce CWPF. The CWPF is likely to operate under National Information Security Policy and Guidelines wing of MHA’s CIS division. It is proposed to be raised on lines of Central Armed Police Force (CAPF).

Cyber-Crime Prevention against Women & Children’ Scheme: Implemented by Ministry of Home Affairs, the scheme aims to prevent and reduce cybercrimes against women and children.

Major Committees and recommendations

Gulshan Rai Committee (formed 2014)

Gulshan Rai Committee in its report on “Roadmap for Effectively Tackling Cyber Crimes in the Country”, made the following recommendations:

• Establish a new Indian Cyber Crime Coordination Centre which would be linked to NATGRID and CCTNS (Crime and Criminal Tracking Network system)
• an advance application for Social Media Analytics to monitor social media platforms activities related to Ministries of Home, External Affairs, Defence and other government organizations
• Reduce Government’s dependence on foreign servers and ensure one dedicated secure gateway for all government communication.
• Establish a separate agency for online cybercrime registration, monitoring and integration of CCTNS data with the same.

Issues and Challenges

1. Hardware Cyber Security Concerns: Most equipment and technology for setting up Cyber Security infrastructure in India are currently procured from global sources. These systems are vulnerable to cyber threats just like any other connected system.
2. Skill gaps: Globally, India ranks second in terms of the number of Internet users after China (Internet World Stats, 2017). However, India has a negligible base of cyber security specialists, when compared to internet user base.
3. Internet of Things as a weak link: Often internet connected devices lack basic security features, or they aren’t properly configured and rely upon default passwords that can give attackers easy access. This in turn is giving rise to botnets, which can be used for volumetric attacks.
4. Digital Data Threat: Growing online transactions have generated bigger incentives for cybercriminals. Besides, establishments looking to mine data (customer information, results of product surveys, and generic market information), they also create treasured intellectual property that is in itself an attractive target.
5. Lack of robust Legal and law enforcement mechanisms: India’s approach to cyber security has so far been ad hoc and unsystematic. Despite a number of agencies, policies and initiatives, their implementation have been far from satisfactory.
6. Lack of Coordination between stakeholders: Due to the existence of too many agencies with overlapping functions in the field of cyber security, coordination between these agencies is poor
7. Lack of awareness: There is a lack of awareness about cyber security threats and preventive measures at both organizational level as well as individual level.

International Best Practice: Israel

“Everybody understands that you buy Swiss watches from Switzerland and information security from Israel.” UdiMokady, CEO, CyberArk Software, Israel’s largest private cyber security company

• The Israel Defence Force (IDF) has created two elite units for cyber warfareC4I (Command, Control, Communications, Computers and Intelligence) and Military Intelligence
• The Israel government has actively sought out private sector institutions and the civil society to create a wide network of cyber security experts National Information Security Authority was established in 2002, which is responsible for preventing cyber-attacks against critical infrastructure
• Israel National Cyber Bureau (INCB), created in 2012, has been instrumental in creating a national cyber defence policy, partnerships with the private sector, and linking domestic and international cyber defence players
• Israel also actively promotes cyber security start-ups

Way Forward:

1.Technology:

• It is important to define minimum security features for the hardware and software to be deployed in the government ecosystem
• There is an urgent need to build capabilities and capacity for application, equipment and infrastructure testing through the deployment life cycle to detect any vulnerability and backdoors in the product/technology.
• Security Operations Centre should be developed for the government organizations with capabilities to detect, respond and recover from any breaches and attacks

2.Human resource: Immediate attention has to be given to human resource development which would increase the number of experts who can effectively manage the cyber security of the country

3.R&D: Investments should be made on R&D to develop more innovative technologies to address increasing cyber security threats

4.Policy and Governance: It is important to bring a robust policy and effectively implement the same. Further, duties and responsibilities should be defined clearly for smooth functioning and better coordination among departments and stakeholders

5. Awareness: A periodic awareness campaign by the government and big private organizations should be conducted to aware people about cyber security threats
6. Strengthening Private Partnership: It is important to strengthen the public- private partnership on cyber security.