GS Paper 3: Basics of Cyber Security.
News: According to the National Crime Records Bureau (NCRB), registered cybercrime cases rose from 12,317 in 2016 to 50,035 in 2020, owing to the increased use of information and communication technology (ICT).
What is the Definition of Cyber Crime?
- Cybercrime refers to criminal conduct committed with the aid of a computer or other electronic equipment connected to the internet. It can be committed both by individuals or small groups with little technical knowledge and by highly organized worldwide criminal groups with relatively talented developers and specialists.
What are Examples of Basic Cybercrimes?
- Stolen credit card information: The most common cybercrime is when a person’s credit card information is stolen and used unlawfully to acquire or purchase goods or services over the internet.
- Hacking into a government website: Another type of cybercrime is tampering with sensitive government data.
- Theft of user accounts: Yahoo experienced a serious data breach from 2013 to 2016 that resulted in the theft of three billion user accounts. The attackers gained access to private information and passwords that were used to access user accounts in other online services. Most of this data is available even today on the dark web.
- Compromised IoT devices: In 2016, over one million connected devices in the IoT were compromised by attackers who took advantage of existing software vulnerabilities. The resulting attack is the largest DDoS attack to date and caused outages in the global DNS, affecting popular services including Netflix, PayPal, Twitter, and many more.
- Loss of control and access to content: The WannaCry attack of 2017, allegedly launched by North Korea, unleashed ransomware that locked down content on user devices. The ransomware spread rapidly and infected 300,000 computers worldwide. The victims had to pay hundreds of dollars to restore their data.
- Phishing campaigns: Phishing campaigns infiltrate corporate networks by sending authentic-looking fraudulent emails to users in an organization and tricking them into performing actions such as downloading attachments or clicking on links. The virus or malware then spreads to the users' systems and eventually ends up in the organization's network.
What are the Different Types of Cyber Crime?
- Malware: Malware is a broad phrase that encompasses a wide range of cyberattacks such as Trojans, viruses, and worms. Malware can simply be described as code written to steal data or destroy things on a computer.
- Phishing: Phishing frequently poses as a request for information from a reputable third party. Phishing emails invite users to click on a link and enter their personal information.
- Denial-of-service (DoS) attack: A denial-of-service (DoS) attack focuses on disrupting network service. Attackers transmit a large amount of data traffic via the network until it becomes overloaded and stops working. A DoS attack can be carried out in a variety of ways, but the most common is a distributed denial-of-service (DDoS) attack, in which the attacker uses several machines to send traffic or data that overloads the system.
- Man-in-the-middle attack: In a man-in-the-middle attack, the attacker obtains information from the end-user and the entity with which they are communicating by impersonating the endpoints in the online information exchange.
- Drive-by Download Attack: Simply opening a compromised webpage may now allow dangerous code to be installed on our device. We only need to visit or drive by a website by clicking accept for any software, and malicious code will be downloaded in the background on our device.
Issues in India related to Cyber Crimes:
- No procedural code: Electronic evidence is entirely different in nature from evidence of traditional crime, but there is no separate procedural code for the investigation of cyber or computer-related offences.
- Shortage of technical staff: A regular police officer with an academic background in the arts, commerce, literature, or management may be unable to understand the nuances of the working of a computer or the Internet, yet there have been only half-hearted efforts by the States to recruit technical staff for the investigation of cybercrime.
- While the cyber forensic laboratories of States are equipped to analyze hard disks and mobile phones, many are yet to be notified as ‘Examiner of Electronic Evidence’ (by the central government) to enable them to provide expert opinion on electronic records.
- Insufficient State Capacities: Offenses related to crypto-currency remain under-reported as the capacity to solve such crimes remains limited.
- Trans-national nature of cyber crimes: Most cyber crimes are trans-national in nature with extra-territorial jurisdiction. The collection of evidence from foreign territories is not only a difficult but also a tardy process.
- Insufficient financial support from the Centre: The Centre helps in upgrading the State laboratories by providing modernisation funds, though the corpus has gradually shrunk over the years.
- Firms are reluctant to notify cyber breach incidents to the regulators: This is because any security or privacy breach has a negative impact on the reputation of the associated firms. Empirical evidence shows that in the long term, breached companies underperformed in the market. So, firms weigh the penalties they face for not disclosing the incidents against the potential reputational harm due to disclosure, and decide accordingly.
Initiatives taken by India to tackle cyber crime:
- Cyber Surakshit Bharat Initiative.
- Computer Emergency Response Team-India (CERT-In).
- Information Technology (IT) Act, 2000.
- Cyber Swachhta Kendra.
- Indian Cyber Crime Coordination Centre (I4C).
- National Cybersecurity Coordination Center.
- Periodic cyber security audits through third party cyber security auditors: These audits should be comprehensive enough to identify cyber crime incidents that might not have been reported by the firm.
- Extension of Common Criteria Testing Laboratories and certification bodies set up as part of cyber security assurance initiatives of the Government of India, to evaluate and certify IT security products and protection profiles towards cyber security audits and assessments as well.
- Upgrade cyber labs: Since there is now a state-of-the-art National Cyber Forensic Lab and the Cyber Prevention, Awareness and Detection Centre (CyPAD) of the Delhi Police, there may be an extension of professional help to States in getting their labs notified.
- Data localisation: Most cyber crimes are transnational in nature but in most social media crimes, except for the prompt blocking of an objectionable website or suspect’s account, other details do not come forth quickly from large IT firms. Therefore, ‘data localisation’ must feature in the proposed Personal Data Protection law so that enforcement agencies are able to get timely access to the data of suspected Indian citizens.
- India should develop its in-house capacity and/or make intermediaries accountable to identify and remove online CSAM for immediate action by the police, as the police still get CyberTipline reports on online Child Sexual Abuse Material (CSAM) from the U.S.’s non-profit agency, the National Center for Missing & Exploited Children (NCMEC).
- Centre and States should not only work in tandem and frame statutory guidelines to facilitate investigation of cybercrime but also commit sufficient funds to develop much-awaited and required cyber infrastructure.
Sources: The Hindu; Intellipaat
- The Hindu: https://bit.ly/3Dd0RrA ; https://bit.ly/3Bv82tT