- On November 23, 2022, the premier medical institute in the country, the All India Institute of Medical Sciences New Delhi (AIIMS) was crippled by a major cyber-attack.
- A few days later, another premier hospital, Safdarjung hospital also witnessed a cyber attack. In the past also, witnessed several cyber attacks on its critical infrastructure assets.
- In this context, this edition of the Burning Issue will analyze the issue of cyber security and threats to India.
What is cyberspace?
- A global domain within the information environment consisting of the interdependent network of information technology infrastructures, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers.
The situation of Cyber Connectivity in India
- 3rd highest internet users: India ranks 3rd in terms of the highest number of internet users in the world after the USA and China, the number has grown 6-fold between 2012-2017 with a compound annual growth rate of 44%.
- Rapid digitalization under progress: India has witnessed rapid digitalization in almost all spheres of public life. There is greater and easy access to financial services even for rural populations. Missions like Make in India and Digital India are creating a positive ripple effect across the economy.
What are Cyber Security Threats?
- Cyber Security is protecting our cyberspace (critical infrastructure) from attack, damage, misuse and economic espionage.
- Cyber Intrusions and Attacks have increased dramatically over the last decade, exposing sensitive personal and business information, disrupting critical operations, and imposing high costs on the economy.
- While traditional businesses are adopting e-platforms to widen their reach, new businesses based solely on new technologies like social, mobile, analytics and cloud (SMAC) are growing at breakneck speed. The Internet of Things (IoT)1, where interconnected devices could monitor various aspects of professional and personal life using internet-based technology, is fast becoming a reality.
- Although smart devices connected to the internet will make lives simpler, they are also likely to expose individuals and organizations to cyber threats.
- Cyber-attacks can vary in nature and include scenarios – such as the introduction of malicious software like trojans, worms, viruses and spyware; password phishing; and denial-of-service attacks intended to crash websites.
- Any successful cyberattack on a critical asset such as a power grid will have a multiplier effect, crippling communications, and transportation and even endangering the health and safety of citizens.
Cyber security situation in India
- Top 10 spam-sending countries: India secures a spot amongst the top 10 spam-sending countries in the world alongside the USA.
- One of the most affected countries: India was ranked among the top five countries to be affected by cybercrime, according to a 22 October report by online security firm Symantec Corp.
- India witnessed over 18 million cyber-attacks and threats, at an average of nearly 200,000 threats every day, in the first three months of 2022, according to the cyber security firm, Norton.
Famous examples of Cyber-Attacks in India
- In May 2021, the national airline Air India reported a cyber-attack in which the data of 4.5 million of its customers across the world, was compromised.
- In October 2019, there was an attempted cyber-attack on the Kudankulam Nuclear power plant.
- In February 2022, a suspected ransomware attack briefly knocked out the management information system (MIS) at Jawaharlal Nehru Port Container Terminal (JNPCT), one of five marine facilities in India’s top container gateway of JNPT (Nhava Sheva).
Impacts of Cyber Security Breaches
- Compromise integral defense systems: Tactical teams trained in cyber warfare have been deployed to attack critical infrastructure to compromise integral defence systems and infrastructure.
- Huge ransom demands: A growing number of miscreants are holding large companies ransom through systemic attacks and ransomware. Recently, in India, a large power company’s operations were compromised due to a ransomware attack.
- Increases risk of fraud, data breaches: These incidents increase an organization’s risk of fraud, intellectual property theft, network incapacitation and damage to brand and corporate reputation – all of which can have far-reaching and expensive consequences.
Steps taken to bolster cyber security infrastructure in India
- Legal framework: There are two legislations: The Information Technology Act 2000, provides the legal framework for addressing cybercrimes and cyberattacks. Criminal countermeasures include the use of this Act along with the Indian Penal Code.
- Administrative: The Ministry of Electronics and Information Technology (MeitY) is responsible for cyber security. The Computer Emergency Response Team, CERT-IN, an office within MeitY, is the nodal agency for dealing with cyber security threats. CERT-IN also augments the security-related defence of the Indian Internet domain.
- Institutional: Several other government agencies are involved in dealing with cyber security and allied issues. The National Security Council Secretariat is the central coordinating body for cybersecurity and internet governance. The National Critical Information Infrastructure Protection Center (NCIIPC) focuses on cyber threats to critical information infrastructure and has been successful. The Cyber and Information Security Division (C&IS) of the Ministry of Home Affairs, is also concerned with cybersecurity and cybercrime
- Policy: India’s National Cyber Policy, 2013 is up for an overhaul and a new National Cybersecurity policy will be announced in the near future.
- Coordination with states: The Indian Cybercrime Co-ordination Centre (I4C) established by the Ministry of Home Affairs, acts as a nodal point in the response against cybercrime by coordinating with state police forces across the country. It also co-ordinates the implementation of mutual legal assistance treaties (MLAT) with other countries.
- Intelligence wing: The National Technical Research Organisation (NTRO) is a technical intelligence agency under the National Security Advisor in the Prime Minister’s Office. The NCIIPC works within the NTRO.
- Improved rankings: With continuous efforts at improvement, India has moved up 37 places to be ranked 10th in the Global Cybersecurity Index 2020 (GCI), according to a report by the International Telecommunication Union (ITU)
What more can be done: The Way Forward
- Private sector participation: Companies like Mastercard which have decades of global expertise in managing such risks and creating architecture that mitigate them can help build and strengthen cybersecurity systems.
- Active roles of governments: Governments, both at the state and central level as well as industry will need to play an active role in spreading awareness and training individuals.
- Strengthening the trifecta of policy, infrastructure and awareness: A large part of India’s population is digitally literate but unaware of basic security measures. As India embarks on its Techade of growth and global leadership, the trifecta of policy, infrastructure and awareness will be imperative to ensure that digital growth does not come at the cost of compromised cybersecurity.
- A whole-of-nation approach must be followed: This requires a comprehensive national risk assessment in line with the criticality of Indian assets and capabilities of the adversaries. It must be done by engaging stakeholders and creating a trusted information-sharing mechanism.
- A clear governance structure for organizations: mandated with cybersecurity and cyber crisis management, with a proper mandate clarifying the roles and responsibilities of different bodies, should be established to take stock of existing policies practices and capabilities.
- Creating a massive information-sharing mechanism: Stakeholders Including different state and central government departments, law enforcement and even corporates should also be engaged through a wide consultation and information-sharing mechanism to create baseline security benchmarks, and test them by organizing regular security drills, thereby augmenting incident response capabilities.
- Promote PPP model: The government must act as a facilitator and create a public-private partnership and lay adequate stress on user awareness and education. Most importantly, privacy and security should be balanced while handling cybercrime and fostering R&D to maintain a position of dominance in cyberspace.
- International cooperation: India must be a part of international cooperation efforts to promote responsible behavior in cyberspace. The country is still not a signatory to several conventions including the Budapest Convention. The two-decade-old Budapest Convention can be updated and made more democratic by taking into account the concerns of the developing world, where the majority of the world’s future consumers are from.
- As cybersecurity will continue to remain a potent factor in India’s digital ecosystem, all stakeholders must focus on a collaborative approach to develop formidable solutions that can create safer digital spaces.
- The role of policymakers will be equally crucial as they can help the industry in catalyzing innovation and bringing new solutions to the market at a faster pace and with enhanced agility.