[Answered] “Recent incidents like Pegasus snooping scandal, expose the vulnerability and threat of cyber-crimes to India” Comment.

The number of people having access to the internet In India is increasing day by day. People are getting dependent on the internet in order to access everything by sitting at just one place. Despite the untapped potential, India already is the 2^nd largest online market worldwide. Although the advancement of technology and internet has brought with it all related benefits but has also led to massive increase in the cyber-crime affecting people globally. The crime like Pegasus snooping scandal, Wannacry attack has showed vulnerability of India to cyber-crime threats.

Cyber-attack on the rise in India:

1. As per study of ASSOCHAM-NEC, there has been 457% rise in cybercrime incidents under the Information Technology (IT) Act, 2000 from the year 2011 to 2016 in India.
2. Attacks on the financial sector rose from 3% in 2015 to 14% in 2016. 19 Indian Banks faced a series of data theft in last 6 months – biggest debit card fraud in Indian history. NPCI on probing found a malware-induced security breach in systems of Hitachi Payment Services, which provides ATMs, point of sale & other services in India.
3. Another aspect is increasing trend of cyber criminals gaining access to corporate email addresses. In the year 2015, an oil and gas company was hacked whereby the cyber criminals duplicated the email ids of the senior officials in order to ploy one of the clients to transfer the amount to the hacker’s account leading to losses to the tune of a few hundred crores.
4. E.g. The Cosmos Bank was destructively hit by cyber-attack in the year 2018, where the hackers hacked into the ATM server of the bank and stole details of many visa and rupee debit cards owners.
5. Recent incidents like Pegasus WhatsApp snooping, cyber attack on India’s nuclear power plant etc. has shown India’s vulnerability.

Issues in India’s Cybersecurity:

1. Computer Emergency Response Team (CERT-In) is heavily understaffed.
2. Although Gov. has set up National Critical Information Infrastructure Protection Centre (NCIIPC) but it is yet to identify and implement measures to protect critical information infrastructure
3. The continued perception has been that cyber security is optional. Thus led to increase in threats of cyber-attacks.
4. International threat of a cyber-war from countries like China and Pakistan has increased in recent times.
5. Lots of equipment’s in India are imported. It is unknown whether these devices are tampered with or programmed for control processes
6. Cyber-attacks have grown in terms of sophistication and reach in the recent times. The countries are witnessing growing cybercrime ranging from fraud calls to malwares that bring banking systems to a standstill.
7. Attacks are often anonymous and difficult to attribute to specific actors, state or non-state. Advanced Precision Threats (APTs) carried out by anonymous hackers are often silent and go unnoticed for long periods.

Importance of cyber security:

1. Cyber security is an important arena of internet when the country is moving forward towards a cashless society and digitisation. It is of paramount concern to take cyber security seriously in India with most of the transactions going online and cashless.
2. Security becomes a challenge as now privacy is a fundamental right as per SC verdict and the rise in cybercrime can lead to violation of private space and liberty of expression.
3. Cyber security becomes a vital law of cyber law today. There is need of new tools; capacity building must be done in various departments and a mechanism in place to address these challenges.
4. The Indian government has embarked on a programme to turn the country into a digital economy. It has unveiled a series of initiatives—from introducing Aadhaar, MyGov, Government e-Market, DigiLocker, Bharat Net, Startup India, Skill India and Smart Cities to propel India towards technological competence and transformation.

In India, it is imperative that cyber networks, software and cyber-physical systems, and platforms should be cyber-secure. This requires a judicious mix of people, policies and technology, as well as robust public-private partnership. The reliance on imported information and communication technology (ICT) products and our inability to screen them for vulnerabilities is a major cybersecurity risk. The need of the hour for Indian government is to develop core skills in cyber security, data integrity and data security fields while also setting stringent cyber security standards to protect banks and financial institutions.