Demand of the question:
It expects students to write about the most potent threats to the safety and sovereignty of Indian cyberspace along with the recent measures taken to strengthen the security of Indian cyberspace.
Amid border tension with China, the government banned 59 Chinese apps including TikTok, WeChat, Shareit, UC Browser, etc. This was done by invoking Section 69A of the Information Technology Act, which empowers the government to block the apps which are engaged in activities prejudicial to sovereignty and integrity of the country, its defence, security of state and public order.
As the lack of digital literacy, substandard quality of devices used to access internet, import dependence, lack of skilled manpower makes Indian cyberspace vulnerable to cyber threats. The digital economy today comprises 14-15% of India’s total economy, and is targeted to reach 20% by 2024. India has more than 120 recognised data centres and clouds. The average data consumption per person a year is in the range of 15-20 gigabits.
Most potent threats to safety and sovereignty of Indian cyberspace:
A cyber security firm Cyfirma has warned against a potential cyber attack from hacking groups in China in retaliation for the violent clashes between armed forces in India and China. Reports of ‘incident’ happened in Kudankulam Nuclear power plant in last September was related to cyber security, highlights threats posed to cyberspace of India by various elements based in national and international arena.
- Threats to Critical information infrastructure: As it is essential to the functioning of a modern economy, security and other essential social services. Critical information sectors in India include Power, ICT/Communication, Finance/Banking, Transport and e-governance. A minor disruption at one point could have a rippling effect across multiple infrastructures.
- As tool of Proxy warfare: China has built strong ‘cyber offense force’. Hacking groups of Pakistan and China, external intelligence agency of Pakistan has started using cyber space as tool to attack security and economic infrastructure, which might hamper India’s growth trajectory. These countries are acquiring offensive capabilities by building bits of software called ‘cyber weapons’ to do enormous damage to the adversary’s networks.
- Threat to economic security: Sectors such as healthcare, retail trade, energy and media face advance persistent threats (APTs), as the latest reports of an Israeli spyware allegedly used to spy on Indian journalists and human rights activists attest. These incidents relating to data leakage, ransom ware, ATM/credit cards denial of service, diversion of network traffic intrusion in IT systems and networks using malware are on rise.
- Threat to IT infrastructure: As India is renowned IT service provider to the rest of the world; compromise on the security of IT infrastructure will be huge risk to India’s service sector.
- Advance technologies: With more inclusion of artificial intelligence (AI), machine learning (ML), data analytics, cloud computing and Internet of Things (IoT), cyberspace has become a complex domain, giving rise to threats of complex nature. Attacks on embedded systems and IoT have also registered a sharp increase of late. Such incidents are being launched from cyberspace of different international jurisdictions.
Recent measures taken to strengthen the security of Indian cyberspace:
- Regarding ban of Chinese apps: The ministry of electronics and information technology said in a statement that it has received many complaints from various sources including several reports about misuse of some mobile apps available on Android and iOS platforms for stealing and surreptitiously transmitting users’ data in an unauthorised manner to servers which have locations outside India.
- The Indian Cyber Crime Coordination Centre, ministry of home affairs has also sent an exhaustive recommendation for blocking these malicious apps.
- The Computer Emergency Response Team (CERT-IN) has also received many representations from citizens regarding security of data and breach of privacy impacting upon public order issues.
- National Critical Information Infrastructure Protection Centre (NCIIPC) to battle cyber security threats in strategic areas such as air control, nuclear and space. It will function under the National Technical Research Organisation, a technical intelligence gathering agency controlled directly by the National Security Adviser in PMO.
- National cyber coordination centre (NCCC) to scan internet traffic coming into the country and provide real time situational awareness and alert various security agencies.
- A new Cyber and Information Security (CIS) Division has been created to tackle internet crimes such as cyber threats, child pornography and online stalking.
- Under this, Indian cyber- crime coordination centre (I4C) and Cyber Warrior Police force has also been established.
- Ministry of Defence formed Defence Cyber Agency in the realm of military cyber security. Indian Computer Emergency Response Team (CERT-in) to enhance the security of India’s Communications and Information Infrastructure through proactive action and effective collaboration.
- CERT-fin has also been launched exclusively for financial sector. CERT-in is also operating Cyber Swachhta Kendra, a Botnet Cleaning and Malware Analysis Centre.
- Government inaugurated the new body National Information Centre Computer Emergency Response Team (NIC-CERT) to prevent and predict cyber-attacks on government utilities.
- Cyber Surakshit Bharat Initiative to strengthen Cyber security ecosystem in India. It is first public private partnership of its kind and will leverage the expertise of the IT industry in cyber security.
Stress on development of cutting edge technology in the field of cyber security along with capacity of skilled human resources can make Indian cyber space robust, irrespective of changing norms of cyber behaviour at global level. Priority to cyber security is no longer optional but one of the pillar of India’s internal and external security.