Cyber Security Challenges in India

Cyber Security Challenges in India

GS-3: Internal Security

(UPSC/State PSC)

Important for preliminary exam:

Cyber Attacks, National Crime Records Bureau, National Cyber Security Policy (NCSP), Indian Cyber Crime Coordination Center (I4C), National Cyber Crime Reporting Portal (Cybercrime.gov.in), Cyber Secure India Initiative, Asia-Pacific (APAC) Region.

Important for Main Exam:

Cyber Attacks in India, Cyber Security Challenges in India, Government Initiatives on Cyber Security, Way Forward, Conclusion.

19 February 2024

Context:

Recently, the Indian Parliamentary House panel has asked the government to strengthen the cyber security of central and state government websites, as incidents of hacking of 373 websites have been exposed between January 2018 and September 2023.

• The committee also pointed out that some government offices were using outdated software on laptops and computers, making them vulnerable to Cyber Attacks.
• The committee stressed on adherence to the guidelines and recommended the Ministry to update the entire government infrastructure with respect to dealing with cyber threats.

Cyber Attack:

• Cyber Attack refers to any deliberate, malicious attempt to breach the security measures of a computer system, network or device with the intent to intercept, steal, alter or destroy data, information or infrastructure.
• These attacks can target individuals, organizations, governments, or even entire nations.

Cyber Attacks in India:

• A Microsoft report in 2023 revealed that India was one of the world's leading targets of cyber attacks by nation-state actors.
• India is responsible for 13 percent of cyber attacks in the Asia-Pacific (APAC) region, making it one of the top three countries most attacked by nation-state actors.
• State-sponsored cyber attacks against India increased by 278% between 2021 and September 2023.
• During this period, cyber attacks targeting government agencies increased by 460%.
• According to the National Crime Records Bureau, India has registered a total of 52,974 cases of cyber crime in 2022, out of which more than 60 percent cases are fraud, 8.6 percent cases are sexual exploitation and 5.4 percent cases are extortion.
• Statistics show that in the last 3 years, 47 percent consumers have become victims of fraud, 45 percent cyber crime and 34 percent KYC related fraud.
• According to a survey, after Covid, more than 50 percent of the companies had become victims of financial fraud in new ways.
• Despite the presence of police, e-wallet companies, mobile companies, banks, IT cells etc., the victim of cyber fraud keeps making rounds of banks, customer care, cyber crime, police etc.

Cyber Security Challenges in India:

• Cyber attacks on critical infrastructure: Critical infrastructure sectors such as power, transport, finance and healthcare are becoming increasingly digitalised, making them vulnerable to cyber attacks.
• In 2022, five servers of the All India Institute of Medical Sciences (AIIMS) were hacked by ransomware.
• An estimated 1.3 terabytes of data were encrypted. The hackers had made it impossible for AIIMS to access its own data.
• Financial Cyber Crime: With the rapid expansion of digital banking and e-commerce, financial institutions and consumers are at risk from various cyber threats, including online banking fraud, phishing scams, ransomware attacks, and payment card fraud.
• Cyber espionage and state-sponsored attacks: India is a prime target for cyber espionage by state-sponsored actors seeking to steal sensitive government, military or corporate information.
• Such attacks could compromise national security, economic competitiveness, and diplomatic relations.
• Cyberterrorism and radicalization: Extremist groups and terrorists use online platforms for propaganda, recruitment, and coordination of attacks.
• India faces the challenge of countering cyber radicalism while ensuring the protection of freedom of expression and civil liberties.
• Emerging Technologies: The adoption of emerging technologies such as the Internet of Things (IoT), artificial intelligence (AI) and cloud computing creates new cybersecurity risks.
• Cyber Security Skills Gap and Capacity Building: India grapples with a shortage of skilled cyber security professionals and lack of awareness among users and organizations about best practices for cyber hygiene and risk management.
• Experts have also pointed out the need for job creation in the cyber security industry.
• Regulatory compliance and enforcement: While India has enacted cybersecurity laws and regulations, enforcement and compliance remains challenging.
• While digitalization has intensified the need for cybersecurity, India's cybersecurity regulations remain weak and inadequate.
• Infrastructure gap: India is struggling despite a digitally forward government and one of the world's largest IT-enabled services sectors.
• The powerful technological force lacks critical infrastructure and weak cyber security regulation.

Government Initiatives Related to Cyber Security:

• National Cyber Security Policy (NCSP): Launched in 2013, the policy aims to address cyber security challenges, ensure a secure cyberspace for citizens, businesses and government entities, capacity building, collaboration with stakeholders and outlining strategies to protect critical information infrastructure.
• Indian Cyber Crime Coordination Center (I4C): Set up by the Ministry of Home Affairs, the Center aims to provide a framework and ecosystem for law enforcement agencies (LEAs) to tackle cyber crime in a coordinated and comprehensive manner.
• Indian Computer Emergency Response Team (CERT-In): CERT-In is a national nodal agency responsible for coordinating responses to cyber security incidents, providing early warning and advisory and promoting cyber security awareness and capacity building initiatives across various sectors.
• Cyber Swachhta Kendra (Botnet Cleanup and Malware Analysis Centre): Launched by CERT-In, the Cyber Swachhta Center aims to detect and remove botnet and malware infections from computers and devices across the country. It provides free tools and services to users to secure their systems against cyber threats.
• National Cyber Crime Reporting Portal (Cybercrime.gov.in): The government launched this portal to enable citizens to report cyber crimes online and seek assistance from law enforcement agencies.
• Information Security Education and Awareness (ISEA) Project: The ISEA project focuses on promoting cyber security awareness and education initiatives among various stakeholders including students, professionals, government officials and the general public.
• Cyber Safe India Initiative: This initiative aims to increase cyber security awareness and hygiene practices among individuals, organizations and enterprises across India.

Way forward:

• India needs to focus on developing space capabilities.
• The rival has made rapid progress in the space sector, to counter which India will have to develop space capabilities.
• It is imperative that India creates its own cyber-security, space-based and high-speed resilient communications.
• To deal with the challenges related to cyber security, cyber security experts need to be vigilant in updating innovative technologies, making users aware and encouraging safe technical practices.
• Government, industry and individual users need to consider cyber security as a priority and adopt appropriate security measures.

Conclusion:

All the initiatives launched by the Government to combat cyber attacks have contributed to building a resilient cyber security ecosystem in India, protecting critical infrastructure, protecting digital assets and promoting the digital economy.

Sustained efforts are required to address emerging cyber threats, strengthen the regulatory framework and promote a culture of cyber security awareness.

Source: Hindustan Times

----------------------------------

Mains Question

Discuss the measures to address the major challenges related to cyber security in India.