Recently, Chinese state-sponsored hackers targeted Indian electricity distribution centers near Ladakh. Amid a surge in cyberattacks on India’s networks, the Centre is yet to implement the National Cyber Security Strategy which has been in the works since 2020.
GS-III: Challenges to Internal Security through Communication Networks, Role of Media and Social Networking Sites in Internal Security Challenges, Basics of Cyber Security; Money-Laundering and its prevention.
Dimensions of the Article
- Recent trends of Cyber-attacks in India
- What is the National Cyber Security Strategy?
- What Seps does the report suggest?
- Progress in its implementation
- Way Forward
Recent trends of Cyber-attacks in India
- As per American cybersecurity firm Palo Alto Networks’ 2021 report, Maharashtra was the most targeted State in India — facing 42% of all ransomware attacks.
- India is among the more economically profitable regions for hacker groups and hence these hackers ask Indian firms to pay a ransom, usually using cryptocurrencies, in order to regain access to the data.
- One in four Indian organisations suffered a ransomware attack in 2021.
- Indian organisations witnessed a 218% increase in ransomware — higher than the global average of 21%.
- Software and services (26%), capital goods (14%) and the public sector (9%) were among the most targeted sectors.
Increase in such attacks has brought to light the urgent need for strengthening India’s cybersecurity.
What is the National Cyber Security Strategy?
Conceptualised by the Data Security Council of India (DSCI), the report focuses on 21 areas to ensure a safe, secure, trusted, resilient, and vibrant cyberspace for India.
The main sectors of focus of the report are:
- Large scale digitization of public services: There needs to be a focus on security in the early stages of design in all digitization initiatives and for developing institutional capability for assessment, evaluation, certification, and rating of core devices.
- Supply chain security: There should be robust monitoring and mapping of the supply chain of the Integrated circuits (ICT) and electronics products. Product testing and certification needs to be scaled up, and the country’s semiconductor design capabilities must be leveraged globally.
- Critical information infrastructure protection: The supervisory control and data acquisition (SCADA) security should be integrated with enterprise security. A repository of vulnerabilities should also be maintained.
- Digital payments: There should be mapping and modelling of devices and platform deployed, transacting entities, payment flows, interfaces and data exchange as well as threat research and sharing of threat intelligence.
- State-level cyber security: State-level cybersecurity policies and guidelines for security architecture, operations, and governance need to be developed.
What steps does the report suggest?
To implement cybersecurity in the above-listed focus areas, the report lists the following recommendations:
- Budgetary provisions: A minimum allocation of 0.25% of the annual budget, which can be raised up to 1% has been recommended to be set aside for cyber security.
- Ministry-wise allocation: In terms of separate ministries and agencies, 15-20% of the IT/technology expenditure should be earmarked for cybersecurity.
- Setting up a Fund of Funds: The report also suggests setting up a Fund of Funds for cybersecurity and to provide central funding to States to build capabilities in the same field.
- R&D, skill-building and technology development: The report suggests investing in modernization and digitization of ICTs, setting up a short and long term agenda for cyber security via outcome-based programs and providing investments in deep-tech cyber security innovation.
- National framework for certifications: Furthermore, a national framework should be devised in collaboration with institutions like the National Skill Development Corporation (NSDC) and ISEA (Information Security Education and Awareness) to provide global professional certifications in security.
- Creating a ‘cyber security services’: The DSCI further recommends creating a ‘cyber security services’ with cadre chosen from the Indian Engineering Services.
- Crisis management: For adequate preparation to handle crisis, the DSCI recommends holding cybersecurity drills which include real-life scenarios with their ramifications. In critical sectors, simulation exercises for cross-border scenarios must be held on an inter-country basis.
- Cyber insurance: Cyber insurance being a yet to be researched field, must have an actuarial science to address cybersecurity risks in business and technology scenarios as well as calculate threat exposures.
- Cyber diplomacy: Cyber diplomacy plays a huge role in shaping India’s global relations. To further better diplomacy, the government should promote brand India as a responsible player in cyber security and also create ‘cyber envoys’ for the key countries/regions.
- Cybercrime investigation: It also suggests charting a five-year roadmap factoring possible technology transformation, setting up exclusive courts to deal with cybercrimes and remove backlog of cybercrimes by increasing centers providing opinion related to digital evidence under section 79A of the IT act.
- Advanced forensic training: Moreover, the DSCI suggests advanced forensic training for agencies to keep up in the age of AI/ML, blockchain, IoT, cloud, automation.
- Cooperation among agencies: Law enforcement and other agencies should partner with their counterparts abroad to seek information of service providers overseas.
Progress in its implementation
- The Centre has formulated a draft National Cyber Security Strategy 2021 which holistically looks at addressing the issues of security of national cyberspace.
- Without mentioning a deadline for its implementation, the Centre added that it had no plans as of yet to coordinate with other countries to develop a global legal framework on cyber terrorism.
India has to contend with the importance and necessity of cyber offence as much as cyber defense. As of today, India’s primary or possibly only response measures appear to be defensive. India has to also invest in more offensive cyber means as a response.
Source – The Hindu