Home About Us
About Jigyasa IAS Mission & Vision Director’s Message
UPSC CSE
About Civil Services Examination Eligibility Criteria for CSE CSE Exam Pattern How to prepare for CSE How to choose optional subject
Courses
GS Foundation Course Sociology Optional Courses Guided Preparation Module Daily Rigorous Answer Writing
Daily Feeds
Daily Current Affairs Editorials Daily Quiz Free Answer Writing
Useful Links
About Prelims About Mains About Interview Daily Study Guideline Essential Book List
Downloads
NCERT Book List Govt. Welfare Schemes Daily Downloads
Contact Us
Blog Login

Cybersecurity Strengthening

CYBER SECURITY
02 Jan, 2023

NEWS HIGHLIGHT 

Theme : Cybercrime & Security
Paper:GS-3

 

The reported illegal offer for sale of the private data of some 30 million railway passengers is the latest incident highlighting the dangers of an insecure, yet digitally enabled economy. 

 

TABLE OF CONTENT

  1. Context
  2. Various Concerns
  3. Why is there an Increase in Cyber Attacks?
  4. Challenges with the Cyber Security
  5. Government Interventions to Ensure Cybersecurity
  6. Road Ahead

Context : The reported illegal offer for sale of the private data of some 30 million railway passengers is the latest incident highlighting the dangers of an insecure, yet digitally enabled economy. 

Various Concerns : 

  • India registers a very high number of cyber ransom attacks. These two incidents are just the highly visible tip of a cybercrime iceberg. 
  • India has turned into a major hub for global cybercrime and the large volume of cybercrimes makes it more vulnerable.
  • There are legislative lacunae in that India doesn’t have a personal data protection law. 
  • Large databases of personal data are sold regularly, more or less openly, in an almost normalized fashion. 
  • There have been innumerable data breaches and leaks on smaller scales across multiple sectors. 
  • There are organized gangs, making a living out of running phishing scams and cybersex blackmail rackets. 

Why is there an Increase in Cyber Attacks?

  • Cheap Accessibility of Data:
  • India is famously the cheapest place in the world in terms of data tariff. 
  • It is also the nation with the highest per capita data consumption. 
  • As new high-speed internet technologies such as 5G and satellite broadband roll out, data generation is likely to rise exponentially, so are cybercrimes. 
  • Increasing Dependency on Technology: 
  • As we grow faster, more and more systems are being shifted to virtual space to promote access and ease of use. 
  • However, the downside to this trend is the increased vulnerability of such systems to cyber-attacks.
  • Asymmetric and covert warfare: 
  • Unlike conventional warfare with loss of lives and eyeball to eyeball situations, cyber warfare is covert warfare with the scope of plausible deniability, i.e. the governments can deny their involvement even when they are caught. 
  • Therefore, cyber warfare has increasingly become the chosen space for conflict between nations.
  • Adverse relations with China: 
  • China is considered one of the world leaders in information technology. 
  • Therefore, it is expected to have capabilities to disable or partially interrupt the information technology services in another country. 

Challenges with the Cyber Security : 

  • Lack of consciousness for cybersecurity: 
  • In an digitally enabled economy where a high and rising proportion of transactions is digital, there is a lack of consciousness about the need for cybersecurity. 
  • Vulnerable points in the system: 
  • There is a need to find and address the vulnerable points in the system, which might allow unauthorized entry into the system. For e.g. it is expected that the sensitive nuclear data is protected by heavy encryption, but the users may be vulnerable to human errors while accessing the systems. 
  • State-sponsored Cyber Attacks: 
  • The problem with such state-sponsored attacks is the unlimited funding received by the hackers to break into the foreign systems. This means that to counter such threats from China or other countries, India needs to allocate sufficient resources, which can proportionately deter the systems from being compromised. 
  • Low digital literacy among the general public: 
  • It is often reported that people are duped easily by click-baiting them into clicking interesting content, which often has malware attached to itself. 

Government Interventions to Ensure Cybersecurity : 

  • Latest Initiatives:
  • The Digital India initiative aims to deliver the entire spectrum of government services online, and it also aims to enable a cashless digital economy operating across the entire range of products and services offered by the private sector. 
  • The Unified Payments Interface (UPI) ties together many disparate fintech service providers, and financial entities generate billions of daily transactions. 
  • The Open Network for Digital Commerce (ONDC) is even more ambitious in that it conceptualizes end-to-end seamless logistics, and transactional ability across the retail and e-commerce space.
  • Institutional Structure: 
  • India has a well-organized structure to regulate and strengthen the national information technology systems across the country. 
  • This includes the National Cyber Security Council as well as Computer Emergency Response Team – India (CERT-In).
  • Personal Data Protection Bill: 
  • The bill mandates strengthening of data infrastructure by the private companies to safeguard the data of individuals. 
  • Therefore, there is a focus on including the private companies in the ambit of data protection, rather than restricting it to the government only.
  • Banning of potentially unsafe apps: 
  • India had banned many apps (mostly of Chinese origin), which were found to be unsafe for usage by the Indian citizens. 
  • The apps were allegedly transferring data to the servers located outside India and did not have proper safeguards to ensure that the private data of Indian citizens was protected from unauthorized access.
  • Upcoming Cyber Security Strategy: 
  • Cyber Security Strategy aims to prepare a comprehensive document on preparing for and dealing with the cyber-attacks and securing the cyberspace in the country. 
  • For e.g. the strategy identifies three stages in the arena of cyber-attacks:
  • Pre attack or Preparatory Phase: 
  • In this stage, the systems’ gaps are identified and they are plugged in. 
  • The focus is on strengthening the defense mechanism and the firewalls and keeping the system up to date so that any potential threat is averted and the system is not compromised

Road Ahead : 

  • Strengthening the Policy Ecosystem: 
  • The need of the hour is to come up with a futuristic National Cyber-Security Policy which allocates adequate resources and addresses the concerns of the stakeholders. 
  • A personal data protection law needs to be implemented at the earliest and it needs to offer the citizens both adequate protection and the chance of recompense for damaging data leaks, possibly through allowing class-action suits to claim damages from the leaking organizations. 
  • Increased awareness and monitoring:  
  • There is a need to enhance the general awareness levels of the government installations as well as the general public to counter such threats.
  • Agencies like the Indian Computer Emergency Response Team (CERT-In) need to look at creating outreach programmes to spread the gospel of cybersecurity well beyond government organizations and companies to individuals. 
  • Continuous Testing: 
  • There is a need to conduct regular and frequent checks of the existing system by bringing in ethical hackers and other experts on board so that if there are chinks in the system, they can be addressed swiftly before they are exploited by the hackers.
  • Pre-empting the cyber-attacks: 
  • There is a need to invest in the right tools and technologies apart from the human resources, which can predict and detect the cyber attacks early, so that preventive steps could be taken while the time is still on our side. 
  • Partnership with the private sector: 
  • There is a need to collaborate and cooperate in erecting defenses against outside intruders, who try to gain unauthorized entry into the system.
  • Investing in Capacity Building: 
  • Unlike other sectors requiring huge machinery and equipment, information technology is one sector which is highly dependent upon the skill level of human resources more than anything else.
  • India needs to invest in cybersecurity and data protection.

FAQs : 

  1. State 2 Challenges to Cybersecurity?

ANS. 

  • Lack of consciousness for cybersecurity: 
  • In an digitally enabled economy where a high and rising proportion of transactions is digital, there is a lack of consciousness about the need for cybersecurity. 
  • Vulnerable points in the system: 
  • There is a need to find and address the vulnerable points in the system, which might allow unauthorized entry into the system. For e.g. it is expected that the sensitive nuclear data is protected by heavy encryption, but the users may be vulnerable to human errors while accessing the systems. 

  1. What is the Institutional Structure of Cybersecurity in India?

ANS.

  •  India has a well-organized structure to regulate and strengthen the national information technology systems across the country. 
  • This includes the National Cyber Security Council as well as Computer Emergency Response Team – India (CERT-In).