Governments house vast and diverse amounts of information on their networks, servers, and websites. Every day these agencies face persistent and advanced cyber threats that steal money and disrupt services, putting the public at risk.
India’s rapid transition towards digital economy coupled with national projects like Digital India, Smart Cities, National Broadband Network and so on are altering the digital landscape rapidly with direct impact on governance, transparency, and accountability. With the drive towards a digital economy, a large amount of consumer and citizen data will be stored digitally, and many transactions will be carried out online, by individuals, companies, as well as government departments. This rapid change towards a digital environment has brought to fore the challenges of certain security risks and concerns, particularly to human and nation’s cybersecurity.
India needs to find indigenous technologies to deal with this constant threat to ensure its security in cyberspace. With sufficient cybersecurity measures, policies and framework in place, the Digital India and Smart Cities initiatives can be made more efficient and secure.
The Rise of Cyber Threat
The cyber threat exists 24×7 and manifests along the full spectrum starting from cybercrime to cyber espionage to cyber terrorism and cyber war. About 80 per cent of cyber-attacks are related to cybercrimes.
Cybercrimes are likely to increase exponentially with the fielding of virtual currency, Internet of Things, big data, cloud technology, drones, robotics, Blockchain and so on. The Indian Computer Emergency Response Team (CERT-In) stated that until June 2017 alone, India witnessed more than 27,000 cybersecurity threats.
The latest entrant to the long list of cyber-crimes is the installation of “Ransomware” to cripple a network and demand ransom to restore the same. Recent ransomware attacks using Wanna Cry and Petya viruses have amply confirmed cyber as a “Weapon of Mass Disruption” with more than 300,000 computers affected across different sectors: health, finance, transport, ports and so on in 150 countries. Another major cyber-attack was on HBO with hackers demanding 2.5 million in Bitcoins.
One of the biggest cyber-attack in 2016 in the history of India’s banks was the hacking of debit cards wherein as many as 32 lakh debit cards belonging to major Indian banks such as HDFC Bank, ICICI Bank, Yes Bank, Axis Bank, and SBI, were compromised resulting in the estimated loss of Rs. 1.3 crore in fraudulent transactions as per National Payments Corporation of India (NPCI).
The infamous hacker group “Legion Crew” broke into the Twitter accounts and partial email dumps of prominent public figures such as Rahul Gandhi, businessman Vijay Mallya, and NDTV journalists Barkha Dutt and Ravish Kumar.
Foodtech startup Zomato, in May, was affected by a data breach which led to details of 7.7 million users being stolen. The leaked information, listed for sale on a Darknet market. The company was, however, able to contact the hacker and take down the data. Reliance Jio was also affected by a data breach; an independent website named magicapk.com went online, giving anyone access to personal details of Jio customers.
Initiatives in India
India was one of the handful of nations to enforce Information Technology Act in the year 2000 as a legal policy document to deal with cyber interventions. The same was revised in 2008. Similarly, the National Cyber Security Policy was issued in 2013. Indian Computer Emergency Response Team (CERT-in) was established in January 2004 to enhance the security of India’s Communications and Information Infrastructure through proactive action and effective collaboration. To combat cybersecurity violations and prevent their increase, Computer Emergency Response Team (CERT-in) in February 2017 launched ‘Cyber Swachhta Kendra’ (Botnet Cleaning and Malware Analysis Centre) a new desktop and mobile security solution for cyber security in India.
India is very vulnerable to cyber attacks due to an inadequate appreciation of the threat and rather tardy and disjointed implementation of policies.
In wake of this, the government must aim to develop and adopt high-level cybersecurity policy to combat cyber-attacks. Also, India must focus on skills development in this domain and have a capable workforce to achieve the targets set by Indian Government. The country must look up to develop an overall intelligence framework that brings together industry, governments, and individuals with specific capabilities for this purpose.
Addressing cybersecurity needs of the country by adopting suitable regulatory, policy and architectural steps would help achieve the objectives of Digital India and Smart Cities.
(Views expressed in this article are of Sanjeev Kumar Maini, MD & CEO, Naesys Dimensions Solution)