13 Sep Fortifying India’s Digital Frontier: Navigating the Landscape of Cybersecurity Challenges and Solutions
This article covers “Daily Current Affairs” and topic details of the Fortifying India’s Digital Frontier: Navigating the Landscape of Cybersecurity Challenges and Solutions
Syllabus mapping:
GS:3- Internal Security: Challenges to internal security through communication networks, the role of media and social networking sites in internal security challenges, and basics of cyber security.
For Prelims:
What is I4C, and what types of cyber crimes and terminologies are related to cyber Crimes?
For Mains:
What are the basics of cyber security, challenges posed by cyber crimes to internal security, initiatives taken by the government to prevent cyber crimes, and ways to make cyberspace safer?
Why in the News?
On the occasion of the first Foundation Day celebrations of the Indian Cyber Crime Coordination Centre (I4C), the Union Home Minister launched several significant initiatives to enhance cybercrime prevention and strengthen the country’s cyber security framework.
What are the Cyber Security, Cybercrimes and its forms?
Cybersecurity:
Cybersecurity refers to the practices, technologies, and processes designed to protect digital systems, networks, and data from cyber threats and attacks. Its primary goal is to ensure the confidentiality, integrity, and availability of information and systems by defending them from unauthorized access, damage, or disruption.
Cyber crimes:
Cyber crimes refer to illegal activities conducted using digital devices or networks, primarily the Internet. These crimes exploit technological vulnerabilities to steal, manipulate, or destroy information and disrupt digital systems.
Forms of Cyber Crimes:
1. Identity Theft: This occurs when someone uses another person’s personal information without permission to commit a crime.
2. DDoS Attack: A Distributed Denial-of-Service attack that overwhelms a network with traffic from multiple sources, disrupting its operations.
3. Malware: A broad term for malicious software like viruses, ransomware, and spyware designed to damage systems, steal data, or gain unauthorized access.
4. Ransomware: A type of malware that encrypts a victim’s files and demands a ransom for their decryption.
5. Computer Viruses: Malicious code that infects and destroys files on computer systems and can spread to other devices.
6. Cyberterrorism: Acts of terrorism conducted through cyberspace aimed at causing disruption or harm.
7. Phishing: Phishing is a prevalent form of cybercrime where attackers impersonate legitimate organizations to trick individuals into revealing sensitive information like passwords, credit card numbers, or other personal details.
8. Criminal Hacking: Unauthorized access to computer systems or networks to steal personal information, corporate secrets, or government intelligence.
India and Cyberspace:
CERT-In report 2023 data on various cyber crimes:
| Incident Type | Number of Incidents |
| Phishing | 869 |
| Unauthorized Network Scanning/Probing | 447,720 |
| Vulnerable Services | 941,592 |
| Virus/Malicious Code | 184,131 |
| Website Defacements | 10,665 |
| Website Intrusion & Malware Propagation | 1,045 |
| Others | 6,895 |
| Total | 1,592,917 |
India’s Digital Landscape:Internet Users: March 31, 2014: 25 crores (250 million) to March 31, 2024: 95 crores (950 million) Data Consumption: Average Data Usage in 2024: 20.27 GB per users. Digital Facilities and Transactions:
Panchayat Internet Connectivity: In 2024, 2,13,000 panchayats connected Total Mobile Connections: 1,151 million (82.54% of the population) |
Key initiatives of the Government of India to prevent cybercrimes:
1. Cyber Fraud Mitigation Centre (CFMC): This centre will focus on mitigating cyber fraud and enhancing response mechanisms.
2. Samanvay Platform: A joint cyber crime investigation facilitation system designed to improve coordination and streamline investigations.
3. Cyber Commandos Programme: A plan to train around 5,000 Cyber Commandos over the next five years to tackle cyber threats.
4. Suspect Registry: A national-level registry aimed at preventing cybercrime by connecting states and tracking potential threats.
5. CERT-In: CERT-In, the Indian Computer Emergency Response Team, operates under the Ministry of Electronics and Information Technology (MeitY) with the mission to secure Indian cyberspace. It provides 24×7 support through its incident response Help Desk.
6. Security Profiling, Assurance Framework, and Audit Services: Conducts information security audits, including vulnerability assessments and penetration testing.
7. National Cyber Coordination Centre (NCCC): To generate macroscopic views of cybersecurity threats, provide near-real-time situational awareness, and facilitate rapid response to cyber-attacks and incidents.
8. Cyber Forensics: The Cyber Forensics Lab of CERT-In supports the Incident Response team by conducting detailed investigations and analyzing data from digital storage and mobile devices during cyber incidents.
9. Indian Cyber Crime Coordination Centre (I4C): I4C (Indian Cyber Crime Coordination Centre) was established to serve as a national coordination center for combating cyber crimes and enhancing cybersecurity.
Challenges Posed by Cyber Crimes to Internal Security:
1. Data Breaches and Loss: According to a report by IBM, India faced a significant rise in data breaches with an average cost of data breaches reaching ₹17.7 crore (approximately $2.4 million) per incident in 2023.
2. Disruption of Critical Infrastructure: CERT-In reported over 1,000 incidents of cyber-attacks on critical infrastructure sectors, including power grids and transportation systems in recent years. Attack on the AIIMS Delhi.
3. Advanced Persistent Threats (APTs): Indian organizations have been targeted by advanced persistent threats, notably from state-sponsored actors, with CERT-In detecting various such activities over the years.
4. Ransomware Attacks: In 2023, India witnessed a surge in ransomware attacks with 450 reported incidents impacting various sectors including healthcare and finance.
5. Phishing and Social Engineering: CERT-In reported 869 phishing incidents in 2023 alone. Increased incidents of financial fraud and identity theft affecting individuals and organizations.
6. Insider Threats: While specific figures are less frequently reported, insider threats remain a significant concern, with cases of employees abusing access to sensitive data being periodically disclosed.
7. Lack of Cybersecurity Awareness: Reports indicate that only 40% of Indian organizations have a comprehensive cybersecurity training program for employees. This Increased vulnerability to phishing, malware, and other cyber-attacks due to insufficient awareness and preparedness.
8. Inadequate Incident Response: Many organizations lack effective incident response plans, causing delayed responses and extended recovery times.
9. Outdated Software: The NASSCOM Cybersecurity report indicates that many Indian businesses fail to regularly update their software, leading to exploitable vulnerabilities.
10. Zero-Day Exploits: A study by the IIT-B reported a rise in zero-day exploits affecting Indian software and systems, with an increase of 20% over the past year.
Ways to make cyber space more safer:
Individual Level:
Cybersecurity Awareness: Stay informed about common cyber threats and safe online practices through reliable sources and educational resources.
Use of Security Tools: Implement strong passwords, two-factor authentication, and up-to-date antivirus software to protect personal data.
Report Cyber Incidents: Use the helpline number 1930 to report suspicious activities or cybercrimes to authorities.
Safe transactions: Individuals should take care of spam messages do not share critical information with anyone.
Organizational Level:
Establish Cybersecurity Policies: Develop and enforce comprehensive cybersecurity policies and procedures within the organization.
Implement Training Programs: Regularly conduct cybersecurity training for employees to enhance their awareness and response to cyber threats.
Invest in Cybersecurity Infrastructure: Upgrade and maintain robust security infrastructure, including firewalls, intrusion detection systems, and secure communication channels.
Form Cyber Incident Response Teams: Establish dedicated teams to handle and manage responses to cybersecurity incidents.
Foster Collaboration: Engage in public-private partnerships to share threat intelligence and collaborate on cybersecurity solutions.
State Level:
Strengthen National Cybersecurity Centres: Enhance the capabilities of national centers like CERT-IN to effectively coordinate responses and share threat intelligence.
Implementation of the Personal Data Protection Act 2023: The government should implement data protection law in later and spirit to protect the digital public infrastructure.
Upgradation National Response Plan: The CERT-in is implementing the crisis response plan which needs upgradation to deal with present challenges.
Enhance Infrastructure: Invest in developing and upgrading forensic laboratories and investigative tools to keep pace with evolving threats. Institutions like I4C need more support to make it a premier organization for handling cyber crimes.
Popularize Helpline Number 1930: Organize awareness campaigns to ensure the helpline number is well-known and accessible to the public.
International cooperation: India can adopt the best practices from like-minded countries by cooperating with them. Participation in global initiatives.
Conclusion:
India is an emerging economic powerhouse and the foundation of this powerhouse is based on the digital public infrastructure (DPI). The recent initiatives to protect India’s DPI are commendable but the cyber threat is persistent and coordinated efforts at three levels: Individual, organizational, and state are needed to make India’s cyberspace safer for millions of Indians.
PRELIMS QUESTION:
Q. “Zero-Day Exploits” are often discussed in the context of:
A. Financial market
B. Ecological footprint
C. Cyber Security
D. Earth revolution
ANSWER: C
MAINS QUESTION:
Discuss the major internal security challenges posed by the increasing vulnerability of cyberspace in India. Analyze the strategies and measures that can be implemented to enhance the security and resilience of cyberspace against these threats.
(250 WORDS 15 MARKS)
No Comments