List of Contents
Source: The post is based on the article “Cyberattacks are rising, but there is an ideal patch” published in The Hindu on 25th February 2023.
Syllabus: GS 3 – Cyber Security
Relevance: increasing cyber threats in India and measures needed to prevent.
News: There has been an increase in Ransomware attacks in India. The attack on AIIMS and on the parent’s company of Solar Industries Limited are some of the examples.
These incidents highlight the need for mechanisms and laws that prevent such attacks.
What is Ransomware and what are threats from it?
Read Here: What is a Ransomware?
According to the data, over 75% of Indian organisations have faced such attacks.
Further, as India is moving towards digitisation, every critical infrastructure, from transportation, power and banking systems, would become extremely vulnerable to cyber-attacks.
There has also been misuses of the cyber capabilities in the Ukraine war like hacking and GPS jamming.
Hence, cyber security has emerged as a serious concern for nations including India and a comprehensive cyber security policy is the need of the hour.
What are some cyber security policies present in India?
Indian Computer Emergency Response Team (CERT-In): It introduced a set of guidelines in 2022 that included the mandatory obligation to report cyber-attack incidents within hours of identifying them, and designating a pointsperson with domain knowledge to interact with CERT-In.
Digital Personal Protection Bill 2022: The draft bill proposes a penalty of up to ₹500 crore for data breaches.
Defence Cyber Agency (DCyA): It has recently been created by armed forces which is capable of offensive and defensive manoeuvres.
What are the challenges with India in cyber security?
Lack of cybersecurity tools: Most organisations lack the tools to identify cyberattacks.
Scarcity of cybersecurity professionals: India faces an acute scarcity of cybersecurity professionals.
Lack of participation of private sectors: Most of the organisations in India are in the private sector, and their participation remains limited in India’s cybersecurity structures. Hence, they should also come together like the Digital Geneva Convention.
Under the convention, over 30 global companies have signed a declaration to protect users and customers from cyber breaches and collaborate with like-minded intergovernmental and state frameworks.
Increasing Risk: There are risks of increasing cyber-attacks in the future with the introduction of 5G and the arrival of quantum computing.
What are some efforts taken by India at the global level to prevent cyber-attacks?
India has signed cybersecurity treaties with countries like the United States, Russia, the United Kingdom, South Korea and the European Union.
There are also efforts in Quad and the I2U2 (which India is a member of) to enhance cooperation in cyber incident responses, technology collaboration, capacity building, and in the improvement of cyber resilience.
United Nations General Assembly has also established two processes – a) Open-ended Working Group (OEWG), comprising the entire UN membership, b) the Group of Governmental Experts (GGE), comprising 25 countries from all the major regions.
However, there are differences amongst the member nations of these groupings and there is also a lack of global framework on cyber security.
What is the way forward for India?
India is presiding over the G20 this year. Therefore, it could make an effort to conceptualise a global framework of common minimum acceptance for cybersecurity.