Relevance: GS-3: Basics of Cyber Security.

Key Phrases: CERT-In, NCIIPC, NCCC, I4C, Singularity XDR, Stone Panda, NCSC;

Context

• The CERT-In (Indian Computer Emergency Response Team), recently came up with a new directive where companies will have to report the cybercrime within 6 hours of its detection.
• As more Indians increase their presence in cyberspace, Cybersecurity becomes essential for protecting the national interest.

Key Highlights

What is Cybersecurity?

• It involves protecting computational systems (Computers, mobiles, servers, etc) in cyberspace, including the Critical Information Infrastructure (banking infra, Health infra, Power infra), from cyber-attacks by adversaries.
• 4 main threats to Cyberspace
  • Cyber Crime: any criminal activity which involves the usage of computational systems.
  • Cyber Espionage: Spying through computational systems.
  • Cyber Warfare: Misuse of computational systems by one country to disrupt the computers or information networks of other countries.
  • Cyber Terrorism: Misinformation Campaign and other activities being carried out by terrorists to advance their political and ideological gains.

Why is Cybersecurity needed?

• Cybersecurity is essential for national security
  • Global Cyber Security Index 2021 has placed India in 10th Position.
  • India will have to put extra attention to cybersecurity for securing its dream of a $ 5Tn economy by 2024.
• Increased cyber presence has increased vulnerability.
  • 800 Mn Indians have a digital presence with 400 Mn additional to join the digital space by 2025.
  • 231% increase in internet connection in the last 8 years as India’s data cost per GB has come down by 96%.
  • The number of cybercrimes per lakh population has increased by 270%.
  • 136 cybercrime cases were reported every day in 2020.
• Protecting Companies
  • Companies’ competitive advantage is often the target of cyber attacks.
• Protecting Individuals
  • Increased cases of ransomware have been reported.
• Safeguarding Government assets
  • Cyberattacks by non-state actors like ‘Stone Panda’ on critical information infrastructure have increased.
  • As per Cyfirma, a cybersecurity firm, Countries have started engaging in cyberwarfare. Eg Russian and North Korean hackers have attacked facilities in the US.

Steps Taken

• The CERT-In mandated cybersecurity reporting to the authorities within six hours for all incidents.
• Legislative measures
  • IT Act 2000 (Information Technology) for convicting cyber criminals.
• Institutional Measures
  • CERT-IN (Computer Emergency Response Team) under MEITy for swift action against ongoing cyber attacks.
  • I4C (Indian Command Control Center for Cybercrimes) for coordination in tackling cybercrimes. It is under MHA.
  • NCCC (National Cyber Coordination Centre) for threat analysis.
  • NCIIPC (National Critical Information Infrastructure Protection centre) for critical infrastructure protection.
  • National Cyber Security Coordinator - to coordinate between different agencies carrying cybersecurity initiatives.
• Policy Measures
  • National Cyber Security Policy 2013, which led to the establishment of NCIIPC, I4C, and NCCC.
• Initiative
  • International Initiatives
    • Budapest convention to build consensus on joint action against cybercrimes by tweaking national laws and bringing in synergy to investigate and analyse cybercrimes.
    • Internet Governance Forum - for bringing all stakeholders together for bettering internet governance.
  • National Initiative
    • Cyber Surakshit Bharat Initiative.
    • Cyber Swachhta Kendra is operated by CERT-In.
• Technological measures
  • Singularity XDR (extended detection and response) for enhanced protection of the assets of the companies.

Challenges/ Concerns

• The Recent directive by CERT-In
  • An increase in the cost of compliance of companies to provide the information within the timeframe.
  • Lack of tools to comply with directives.
  • Privacy concerns as the company will have to share IT logs for 6 months.
• Institutional Challenges
  • A plethora of agencies and institutions results in a fragmented approach to cyber security.
  • NCSC hasn’t been provided with liaison officers from the states.
  • NCIIPC and CERT-In lack skilled manpower to carry out their designated tasks with efficiency.
• Human Resource Challenges
  • ○ Cybersecurity hasn’t been included in the formalised curriculum.
  • ○ Lack of sufficient informational awareness to the individuals regarding phishing, spoofing etc.
  • ○ Companies lack designated personnel to shield themselves against attacks.
• Concerns in Industry
  • Companies often don’t put 2-factor authorisation (2FA) before using GMAIL for official communication.

Way Forward

• Usage of singularity XDR
  • It extends beyond the endpoint and provides end-to-end enterprise visibility and protection.
  • Powered by Machine Learning it can be manned by smaller support staff.
• Seamless integration among agencies for foolproof protection against cyber attacks.
• A Centre of Excellence must be created for augmentation of HR in the field of Cybersecurity.
• Cybersecurity Help Desk at regional levels must be created as the first level of guidance and support.
• National Cyber Security Policy 2020 must be brought for upgrading our fight against cyberattacks.

Conclusion

• The recent directive will lead to an enhanced cyber security posture across stakeholders. Improving cybersecurity and reducing threats is always the right response.

Source: The Hindu BL

Mains Question:

Q. Explain the Cybersecurity architecture in India? What are the challenges in recent times? What more can be done?