3. How do mobile apps pose a threat to internal security? Examine.
मोबाइल ऐप आंतरिक सुरक्षा के लिए खतरा कैसे पैदा करते हैं? जांच करें।
Demand of the question:
It expects students to put forth view of how mobile apps pose a threat to internal security and what needs to be done to tackle this threat to internal security.
The Ministry of Information Technology, invoking it’s power under section 69A of the Information Technology Act, in view of the emergent nature of threats has decided to block 47 more Chinese apps in addition to 59 apps. The reasons cited in view of information available that they are engaged in activities which is prejudicial to sovereignty and integrity of India, defence of India, security of state and public order.
Mobile users are generally unaware of the importance of internal security and often assume mobile apps are safe for download. Such lax mindsets, as well as the low cost and ease in developing mobile malware, mean apps are now the main source of mobile threats to internal security. Following kind of cyber attacks or stealing of information can be done through mobile apps:
- Malware, short for malicious software refers to any kind of software that is designed to cause damage to a single computer, server, or computer network. Ransomware, Spy ware, Worms, viruses, and Trojans are all varieties of malware.
- For instance, WannaCry, it was a ransomware attack that spread rapidly in May, 2017. The ransomware locked users’ devices and prevented them from accessing data and software until a certain ransom was paid to the criminals. Top five cities in India (Kolkata, Delhi, Bhubaneswar, Pune and Mumbai) got impacted due to it.
- Phishing: It is the method of trying to gather personal information using deceptive e-mails and websites. It occurs when an attacker, masquerading as a trusted entity, dupes a victim into opening an email, instant message, or text message. It is often used to steal user data, including login credentials and credit card numbers. e.g. A malware attack on Kudankulam power plant.
- Denial of Service attacks: A Denial-of-Service (DoS) attack is an attack meant to shut down a machine or network, making it inaccessible to its intended users. DoS attacks accomplish this by flooding the target with traffic, or sending it information that triggers a crash.
- For instance, six banks were attacked in the USA in 2012. If denial of service attack is initiated on the banking system in India, it would lead to structural collapse of the system and will result in creating chaos.
- A local, state or central government maintains huge amount of confidential data related to country (geographical, military strategic assets etc.) and citizens. Unauthorized access to the data can lead to serious threats on a country. e.g. Aadhar data breach.
- Photos, videos and other personal information shared by an individual on social networking sites can be inappropriately used by others, leading to serious and even life-threatening incidents. So it is also harmful for the citizens of India. e.g. Honey trapping incidences with respect to defence personnel.
- Company employees have a lot of data and information on their mobiles. A cyber attack or stealing of information through mobile apps may lead to loss of competitive information (such as patents or original work), loss of employees/customers private data resulting into complete loss of public trust on the integrity of the organization.
- Many of the public personnel also store important relevant data on mobile. Their mobile microphone or camera can be turned on through distant communication, resulting in breach of security.
- India’s push towards cashless payments accelerated in 2019, as card and mobile payments as a percentage of GDP rose to 20%. Since most of the times payments are done through mobile phones, a malicious app can steal the sensitive information of the user and pose a financial security threat to the user.
Hence, due to the evolutionary nature of the mobile apps they pose a grave threat to the internal security of country. Following are the government initiatives and necessary steps which will help to tackle this internal security threat.
- Budapest Convention on Cybercrime: It is an international treaty that seeks to address Internet and computer crime (cybercrime) by harmonizing national laws, improving investigative techniques, and increasing cooperation among nations.
- As most of the mobile apps market is dominated by China there is need to give impetus to develop indigenous apps which will in turn help to have a secure use of important apps. e.g. AatmaNirbhar bharat app innovation challenge.
- Cyber Surakshit Bharat Initiative: It was launched in 2018 with an aim to spread awareness about cybercrime and building capacity for safety measures for Chief Information Security Officers (CISOs) and frontline IT staff across all government departments. The mandate of this initiative also needs to be expanded to include mobile app based threats too.
- International cooperation: Looking forward to becoming a secure mobile ecosystem, India needs to join hands with several developed countries like the United States, Singapore, Japan, etc. These agreements will help India to challenge even more sophisticated mobile app based cyber threats.
- Also individual level strategy needs to be adopted to secure the data such as, lock the phone with a intricate pass code, encrypting storage, learning to remotely wipe the cell phone, etc.
India today accounts for nearly 420 million mobile phone users. A single mobile data breach can pose a bigger threat of national internal security in front of any country. Hence, it becomes imperative to be well prepared to tackle any of these kind of challenges if arises in future. Which will ensure a safety of the confidential as well as personal information of users in turn helping to secure country’s internal security.