Note4Students
From the UPSC perspective, the following things are important:
Prelims level: Ransomware, Recent events of Cyberattacks and malwares
Mains level: Cyberattacks, cyber security infrastructure. Read the attached article
Central Idea
- The past few weeks have highlighted the soft underbelly of our fast-expanding digital networks. Ransomware has emerged as the most predominant form of malicious cyberattack. Here, the perpetrators demand hefty payments for the release of withheld data. Data show that over 75% of Indian organisations have faced such attacks, with each breach costing an average of ₹35 crore in damage.
Two recent ransomware attacks
- Ransomware attack on AIIMS: The first was the ransomware attack on the servers of India’s premier institute, the All-India Institute of Medical Sciences. Nearly 40 million health records were compromised and it took over two weeks for the systems to be brought back online.
- BlackCat breached Solar Industries Ltd.: Soon afterwards, a ransomware gang, BlackCat, breached the parent company of Solar Industries Limited, one of the Ministry of Defence’s ammunition and explosives manufacturers, and extracted over 2 terabytes of data.
What is meant by a cyberattack?
- Cyberattacks are unwelcome attempts to steal, expose, alter, disable or destroy information through unauthorized access to computer systems.
- These attacks can target various entities such as governments, businesses, organizations, or individuals, and can have serious consequences such as theft of sensitive information, financial loss, reputational damage, or disruption of critical services.
Who is behind cyberattacks?
- Criminal organizations, state actors and private persons can launch cyberattacks against enterprises. One way to classify cyberattack risks is by outsider versus insider threats.
- Outsider threats: External cyber threats include organized criminals or criminal groups; professional hackers, like state-sponsored actors; and amateur hackers, like hacktivists.
- Insider threats: Insider threats are users who have authorized and legitimate access to a company’s assets and abuse them either deliberately or accidentally. They include employees careless of security policies and procedures; disgruntled current or former employees; and business partners, clients, contractors or suppliers with system access.
Growing vulnerability
- Malware can infect all kinds of computer systems: With the lines between the physical and digital realms blurring rapidly, every critical infrastructure, from transportation and power to banking systems, would become extremely vulnerable to assaults from hostile state and non-state actors.
- Cyber capabilities are also playing a pivotal role: For instance, in the ongoing conflict in Ukraine, electronic systems in warheads, radars and communication devices have reportedly been rendered ineffective using hacking and GPS jamming.
- Cyber security breaches would only increase: With the introduction of 5G and the arrival of quantum computing, the potency of malicious software and the avenues for digital security breaches would only increase.
- For instance: This year, cybercrimes are expected to cause damage worth an estimated $8 trillion worldwide.
India’s cybersecurity architecture
- CERT-In: In 2022, the Indian Computer Emergency Response Team (CERT-In), which is India’s cybersecurity agency, introduced a set of guidelines for organisations to comply with when connected to the digital realm. This included the mandatory obligation to report cyberattack incidents within hours of identifying them, and designating a point person with domain knowledge to interact with CERT-In.
- Draft Digital Personal Protection Bill, 2022: India’s draft Digital Personal Protection Bill 2022 proposes a penalty of up to ₹500 crore for data breaches.
- Defence Cyber Agency (DCyA): Recently, India’s armed forces created a Defence Cyber Agency, capable of offensive and defensive manoeuvres. All Indian States have their own cyber command and control centres.
- Cybercrime Co-ordination Centre: The Indian Cybercrime Co-ordination Centre (I4C), established by the Ministry of Home Affairs, acts as a nodal point in the response against cybercrime by coordinating with state police forces across the country. It also co-ordinates the implementation of mutual legal assistance treaties (MLAT) with other countries.
Have you heard about “Bluebugging”?
- It is a form of hacking that lets attackers access a device through its discoverable Bluetooth connection.
- Once a device or phone is blue-bugged, a hacker can listen to calls, read and send messages, and steal and modify contacts.
- It started out as a threat for laptops with Bluetooth capability. Later, hackers used the technique to target mobile phones and other devices.
Limitations in India’s cybersecurity infrastructure
- Lack of tools to identify: Most organisations lack the tools to identify cyberattacks, let alone prevent them.
- Scarcity of cybersecurity professionals: India also faces an acute scarcity of cybersecurity professionals. India is projected to have a total workforce of around 3,00,000 people in this sector, in contrast to the 1.2 million people in the United States.
- Private sector participation is limited: Most of our organizations are in the private sector, and their participation remains limited in India’s cybersecurity structures.
Global understanding is essential
- International cooperation is critical: With most cyberattacks originating from beyond our borders, international cooperation would be critical to keep our digital space secure. It would also be a cause which would find resonance abroad.
- Cybersecurity treaties: India has already signed cybersecurity treaties with countries and blocs including the United States, Russia, the United Kingdom, South Korea and the European Union.
- Multinational frameworks exist, but there is no truly global framework: Even in multinational frameworks such as the Quad and the I2U2 (of which India is a member) there are efforts to enhance cooperation in cyber incident responses, technology collaboration, capacity building, and the improvement of cyber resilience. Yet, there is no truly global framework, with many operating in silos.
- UNGA established two processes on ICT: The United Nations General Assembly established two processes on the issues of security in the information and communication technologies (ICT) environment.
- The Open-ended Working Group (OEWG), comprising the entire UN membership, established through a resolution by Russia.
- The other is the resolution by the U.S., on the continuation of the Group of Governmental Experts (GGE), comprising 25 countries from all the major regions.
- Differ vastly on many aspects of the Internet: The two antagonistic permanent members of the UN Security Council, counted among India’s most important strategic partners, differ vastly on many aspects of the Internet, including openness, restrictions on data flow, and digital sovereignty. Amidst the turbulent current world events, these UN groups would struggle to have effective dialogues.
Conclusion
- The G-20 summit this year in India, which will see participation by all the stakeholders driving the global levers of power, is a rare opportunity to bring together domestic and international engagement groups across the spectrum, and steer the direction of these consultations. India could make an effort to conceptualize a global framework of common minimum acceptance for cybersecurity. This would be one of the most significant contributions made by any nation towards collective security in modern times.