Cyber-security

Practice Question: Increased digital penetration in India has introduced numerous threats along with benefits in the cyberspace. Analyze these challenges from the perspective of cyber-security. – 250 words.

Relevant data:

  • According to the Internet Trends 2017 report, 27% of India’s population uses the internet.
  • India will have 730 million internet users by 2020.
  • 75% of the users shall be from the rural areas.
  • There will be 175 million people shopping online.
  • 70% of the e-commerce transactions would be done via mobile.

These set of numbers clearly indicate that the internet penetration in India is going to be huge in the near future. This digital boom shall bring with it, its own set of challenges.

What are the challenges associated with cyberspace?

  • Innumerable entry points to the internet – As internet is accessible by anyone and from anywhere, the risks associated with it increase manifold. Thus, attribution of any act to any person becomes increasingly difficult.
  • Automation – Offenders can use automation to scale up their activities – many millions of unsolicited bulk spam messages can be sent out by automation thus enabling unlimited attacks. Hacking attacks are often also now automated with as many as 80 million hacking attacks every day due to the use of software tools that can attack thousands of computer systems within hours.
  • Lack of uniformity in safety of devices used for internet access – The widening gap between the security offered by the high-end secure phones and lower cost mobiles make it almost impossible for legal and technical standards to be set for data protection by the regulators.
  • AI and IoT – With the advancement of technology, people are always connected to the internet. This makes them more vulnerable to cyber-threats.
  • Transnational nature of crimes – Since the internet has enable cross-border exchange of data, the victims of cyber-crimes are mostly located in a different country than the place of origination of crime. This makes situation difficult for the law-enforcement agencies.
  • Lack of awareness – There is a lack of awareness at both organisational as well as individual level. Domestic netizens can protect and be protected from the cyber attacks only if there is a guided and supervised legal framework along with adequate awareness.
  • Shortage of skilled personnel – the extreme and growing shortage of skilled cybersecurity personnel to analyze and respond to cyber-security breaches is a challenge.

Steps taken by the government – 

Steps taken by the Government to check hacking and cyber crimes are as follows:

  1. Section 43, 43A, 66, 66B, 66C, 66D, 66E, 66F, 67, 67A, 67B, 70, 72, 72A and 74 of the Information Technology Act, 2000 deal with hacking and cyber crimes. In the Information Technology Amendment Act, 2008, cybersecurity is exercised under sections 43 (data protection), 66 (hacking), 66A (measures against sending offensive messages), 66B punishment for illegally possessing stolen computer resources or communication devices), 67(protection against unauthorised access to data), 69 (cyberterrorism), 70 (securing access or attempting to secure access to a protected system) and 72 (privacy and confidentiality) among others.
  2. The National Cyber-security Policy has been developed to build a secure and resilient cyberspace for India’s citizens and businesses. The policy aims to protect information and the information infrastructure in cyberspace, build capabilities to prevent and respond to cyber threats, reduce vulnerabilities and minimise damage from cyber incidents through a combination of institutional structures, people, processes, technology and cooperation.
  3. Government approved a ‘Framework for enhancing security in cyberspace’ for cyber security in the Indian cyberspace, with the National Security Council Secretariat as nodal agency.
  4. National Technical Research Organisation has been designated as the nodal agency for taking all measures for protection of national critical infrastructure and to handle cyber security incidents in critical sectors.
  5. Further, Indian Computer Emergency Response Team (CERT-In) is designated as the national agency for incident response including analysis, forecast and alerts on cyber security breaches.
  6. Ministry of Home Affairs is implementing the ‘Cyber Crime Prevention against Women & Children’ Scheme with the objective of handling issues of cyber crime against women and children.
  7. The government has undertaken a mass digital literacy programme which aims not only to give people at the bottom of the pyramid access to technology but also to enable them to negotiate technology in their local language.

Way ahead:

Cyberspace is becoming more complex and we need continuous innovation to keep the space secure and resilient to threats. Indigenous solutions, in-house expertise and startup eco-system needs to be created to reduce dependence on foreign products and solutions for securing our critical infrastructure and defence installations.

The National e-governance Division of MeitY should periodically audit compliance of e-services offered by government organs. It should bring out a performance report of e-services with a view to improve service delivery.

Sources: PIB, NITI AAYOG, Indian Express

Featured Image Source: Livemint.