19 Jun 2021 Cyber Security
The Ministry of Home Affairs has operationalized the national Helpline 155260 and Reporting Platform for preventing financial loss due to cyber fraud. The helpline was soft-launched on 1st April.
The National Helpline and Reporting Platform provides a mechanism for persons cheated in cyber frauds to report such cases to prevent loss of their hard earned money.
Cyber Security is protecting cyber space including critical information infrastructure from attack, damage, misuse and economic espionage.
Cyber Space: A global domain within the information environment consisting of the interdependent network of information technology infrastructures, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers.
Indian Cyber Situation
- India rank is 23rd in Global Cybersecurity Index (GCI)published by International Telecommunication Union (ITU).
- India has been listed in the “maturing category” of the index with a score of 0.683.India ranks 3rd in terms of the highest number of internet users in the world after USA and China, the number has grown 6-fold between 2012-2017 with a compound annual growth rate of 44%.
- India secures a spot amongst the top 10 spam-sending countries in the world alongside USA
Components of Cyber Security
- Application Security: It encompasses measures or counter-measures that are taken during an application’s development process to protect it from threats that can come through flaws in the app design, development, deployment, upgrade or maintenance.
- Information security: It is related to the protection of information from an unauthorized access to avoid identity theft and to protect privacy.
- Network Security: It includes activities to protect the usability, reliability, integrity and safety of the network.
- Disaster Recovery Planning: It is a process that includes performing risk assessment, establishing priorities, developing recovery strategies in case of an attack.
Need for Cyber Security
- ·For Individuals: Photos, videos and other personal information shared by an individual on social networking sites can be inappropriately used by others, leading to serious and even life-threatening incidents.
- For Business Organizations: Companies have a lot of data and information on their systems. A cyber attack may lead to loss of competitive information (such as patents or original work), loss of employees/customers private data resulting into complete loss of public trust on the integrity of the organization.
- For Government: A local, state or central government maintains huge amount of confidential data related to country (geographical, military strategic assets etc.) and citizens. Unauthorized access to the data can lead to serious threats on a country.
Laws related to Cyber Security in India
Information Technology Act, 2000
- The act regulates use of computers, computer systems, computer networks and also data and information in electronic format.
- The act lists down among other things, following as offences:
- Tampering with computer source documents.
- Hacking with computer system
- Act of cyber terrorism i.e. accessing a protected system with the intention of threatening the unity, integrity, sovereignty or security of country.
- Cheating using computer resource etc.
Strategies under National Cyber Policy, 2013
- Creating a secure cyber ecosystem.
- Creating mechanisms for security threats and responses to the same through national systems and processes.
- National Computer Emergency Response Team (CERT-in) functions as the nodal agency for coordination of all cyber security efforts, emergency responses, and crisis management.
- Securing e-governance by implementing global best practices, and wider use of Public Key Infrastructure.
- Protection and resilience of critical information infrastructure with the National Critical Information Infrastructure Protection Centre (NCIIPC) operating as the nodal agency.
- NCIIPC has been created under Information Technology Act, 2000 to secure India’s critical information infrastructure. It is based in New Delhi.
- Promoting cutting edge research and development of cyber security technology.
- Human Resource Development through education and training programs to build capacity.
Recent Steps taken by Government
- Cyber Surakshit Bharat Initiative: It was launched in 2018 with an aim to spread awareness about cybercrime and building capacity for safety measures for Chief Information Security Officers (CISOs) and frontline IT staff across all government departments.
- National Cyber security Coordination Centre (NCCC): In 2017, the NCCC was developed. Its mandate is to scan internet traffic and communication metadata (which are little snippets of information hidden inside each communication) coming into the country to detect real-time cyber threats.
- Cyber Swachhta Kendra: In 2017, this platform was introduced for internet users to clean their computers and devices by wiping out viruses and malware.
- Training of 1.14 Lakh persons through 52 institutions under the Information Security Education and Awareness Project (ISEA) – a project to raise awareness and to provide research, education and training in the field of Information Security.
- International cooperation: Looking forward to becoming a secure cyber ecosystem, India has joined hands with several developed countries like the United States, Singapore, Japan, etc. These agreements will help India to challenge even more sophisticated cyber threats.
- Government decided to set up three new agencies — the Defence Cyber Agency, the Defence Space Agency and the Special Operations Division — in order to address the new age challenges to national security. While this is indeed a useful step in the right direction, it is also important to note that the constitution of these agencies is a far cry from the crucial recommendations given by the Naresh Chandra Task Force and the Chiefs of Staff Committee, both of which had suggested the formation of three separate joint commands to deal with new challenges to India’s national security in the cyber, space and special operations domains.
- The International Telecommunication Union (ITU) is a specialized agency within the United Nations which plays a leading role in the standardization and development of telecommunications and cyber security issues.
- Budapest Convention on Cybercrime: It is an international treaty that seeks to address Internet and computer crime (cybercrime) by harmonizing national laws, improving investigative techniques, and increasing cooperation among nations. It came into force on 1 July 2004. India is not a signatory to this convention.
- It provides for the criminalisation of conduct, ranging from illegal access, data and systems interference to computer-related fraud and child pornography,
- India is reconsidering its position on becoming a member of the Budapest Convention because of the surge in cyber crime, especially after a push for digital India.
- The move, however, is being opposed by the Intelligence Bureau (IB) on the grounds that sharing data with foreign law enforcement agencies infringes on national sovereignty and may jeopardise the rights of individuals.
- Indian Cyber Crime Coordination Centre (I4C): The Home Minister had announced the setting up of I4C in 2016 to deal with all types of cyber crime at the national level.
- “I4C will be set up under the newly created Cyber and Information Security (CIS) division of the MHA. CIS will have four wings, namely security clearance, cybercrime prevention, cyber security and information security”.
- Internet Governance Forum (IGF): It brings together all stakeholders i.e. government, private sector and civil society on the Internet governance debate. It was first convened in October–November 2006.
- Internet Corporation for Assigned Names and Numbers (ICANN): It is a non-profit organization responsible for coordinating the maintenance and procedures of several databases related to the namespaces and numerical spaces of the Internet, ensuring the network’s stable and secure operation. It has its headquarters in Los Angeles, U.S.A
Global center for cyber security
- In a bid to safeguard the world from hackers and growing data breaches — especially from nation-states — the World Economic Forum (WEF) has announced a new Global Centre for Cybersecurity.
- Headquartered in Geneva, the centre will become operational from March.
- The centre will help bring all the stakeholders together in ensuring cybersecuriy.
- Cyber breaches recorded by businesses are on the rise. In the last five years, these have almost doubled to an average of 130 breaches per business in 2017.
- As a borderless problem, urgent action is needed to create a safe operating environment for new technologies like Artificial Intelligence, robotics, drones, self-driving cars and the Internet of Things (IoT), the WEF said.
- The global centre will be an excellent opportunity to safeguard verticals like automotive and health care where wireless connectivity is the key.