India is among
the top 10 countries facing cyber-attacks. These incidents have
increased manifold during the lockdown period, with an almost threefold
increase in cases of phishing, spamming, and scanning of ICT
systems, particularly of critical information infrastructure. There is a
significant increase in incidents relating to hacking,
injecting malware through spam emails, and other forms of exploiting
vulnerabilities. There was an almost 56% rise in malicious traffic on the
internet during the lockdown period, also on account of the work-from-home
culture. This might be just the beginning, which suggests even greater
interest in exploiting cyber breaches.
A news
daily also reported massive “denial of service” attacks on the
financial institutions in the country which, however, could not be
verified. The border stand-off has further increased worries about
enhanced cyber attacks from China and its close allies. Several advisories have been
published by the Indian Computer Emergency Team and media about possibilities
of cyber-attacks from China, though not much malicious activity has been
observed.
Many cyber hackers — state, non-state, professional, freelancer groups, so-called “anonymous groups” — operate worldwide and conduct attacks internationally. Approximately more than one-third of all cyber-attacks worldwide are launched from China. They have one of the largest military groups of cyber experts in the world. Countries like North Korea and Pakistan are also very active on their own and work in close collaboration with the Chinese. These countries have been accused of perpetrating state-sponsored attacks for a variety of purposes.
Recently, the Australian Prime Minister expressed concerns over Chinese cyber attacks. About 38% of Advanced Persistent Threat vectors like APT40, APT3, APT10, and APT17 have been reported to be developed and deployed by China for espionage, stealing of data, and IP. Some APTs are general-purpose tools but others are customized for specific countries and purposes. Techniques and tools like APT1, APT3, APT10, APT15, APT17, APT26, etc., have been deployed against India too. The Chinese are in the process of developing technology to penetrate the internet through satellite channels. Pakistan too has deployed APT36 targeting Indian entities. The role of a hacker group called LAZARUS is well known in carrying out attacks on financial targets in India, Bangladesh, and other South Asian countries.
The National Cyber Security Policy, 2013, was the first comprehensive document brought out by the government. The policy had several action points. Important ones relate to setting up a National Cyber Security Center, Test Infrastructure, Malware Monitoring & Cleaning Center, National Critical Information Infrastructure Center, etc.
The government
had announced that a new Cyber Security Policy, 2020, will be brought out.
Certainly, there are a lot of gaps with regard to the resilience of
infrastructure. However, let us not overestimate Chinese capabilities and
underestimate ours. Their software codes are not so sophisticated, but they are
successful due to legacy systems deployed in the country. Technologies like
artificial intelligence, machine learning, internet-enabled devices, and big
data have complicated the cyber attack ecosystem. Nevertheless, agencies in the
country are geared up and capable of addressing challenges. Indian entities have
successfully defended large cyber attacks from China and other countries. We,
however, need to review the 2013 policy and take corrective steps to strengthen
the system to enhance the resiliency of cyber-infrastructure in the country,
particularly critical infrastructure. The draft of the policy, considering
technological innovations and resulting complexity in cyber incidents, should
be announced.
The National
Cyber Coordination Centre urgently needs a significant upgrade in all aspects,
including technology and manpower. Time is of the essence. The role of the
national cyber-security coordinator may also need to be reviewed regarding his
effectiveness in comprehensively coordinating cyber-security issues. Maybe he
needs to be empowered. There must be a single point of responsibility at the
central level.
Proper coordination is needed between the
coordinator and the respective regulators. We are in a connected world. More
and more activities will be carried out on the internet and public networks. The
heterogeneity of devices and software will increase with more built-in
vulnerabilities. Tech and data, due to their very nature, will get
more and more geopolitical attention. We have set a target of a US$ 5 trillion
economy. It is better to be prepared now with respect to policy, legal
framework, monitoring infrastructure, and technology to emerge as a safe and secure
digital country.