Syllabus
GS Paper 3 – Challenges to Internal Security through Communication Networks, Role of Media and Social Networking Sites in Internal Security Challenges, Basics of Cyber Security; Money-Laundering and its prevention.
Context
The primary responsibility for preventing, detecting, investigating, and prosecuting crimes, including cybercrimes, lies with the Law Enforcement Agencies (LEAs) of the States and Union Territories.
Cybercrime
Definition of Cybercrime: Cybercrime refers to any criminal activity that involves or targets a computer, computer network, or networked device. It’s often perpetrated by cybercriminals or hackers seeking financial gain.
Perpetrators of Cybercrime: Cybercrimes can be executed by individuals or organizations. Some of these entities are highly organized, employ advanced techniques, and possess a high level of technical skill.
Types of Cybercrime:
- Email and Internet Fraud: Deceptive practices conducted via email or the internet.
- Identity Fraud: The theft and use of personal information.
- Cyberextortion: The act of demanding money to prevent a threatened attack.
- Cryptojacking: The unauthorized mining of cryptocurrency using resources owned by others.
- Cyberespionage: The unauthorized access of government or corporate data.
- Other Cybercrimes: These include copyright infringement, illegal gambling, and more.
Major cyber-attacks that threatened the security of the world:
- Stuxnet Worm Attack: The world was likely alerted to the threat of cyber weapons with the emergence of the Stuxnet Worm in 2010. The worm caused significant damage to Iran’s centrifuge capabilities.
- Saudi Aramco Attack: In 2012, a computer network belonging to the Saudi Aramco Oil Company was targeted, reportedly by Iranian operatives, resulting in the loss of data on 30,000 computers.
- RasGas Attack: Iran was also suspected to be behind a targeted attack on the Qatari natural gas company, RasGas.
- US Warning: This series of events led the US to warn that the world needed to prepare for a ‘cyber Pearl Harbour’, indicating a new era of potential vulnerabilities.
- Cyber Attacks in India: According to a study by technology giant IBM, India was the second most cyber-attacked country in the Asia-Pacific region in 2020.
Status of Cybercrime in India:
- State Responsibility: As per the 7th Schedule of the Constitution of India, ‘Police’ and ‘Public Order’ are State subjects. Therefore, States and Union Territories (UTs) bear the responsibility for the prevention and detection of cybercrime.
- Central Government’s Role: The Central Government supports the initiatives of the States/UTs through advisories and financial assistance under various schemes.
- Nature of Cybercrime: According to the Crime in India 2022 report, the majority of cybercrime cases involve fraud, extortion, and sexual exploitation.
- Most Affected States: The states most impacted by cybercrimes are Maharashtra, Karnataka, Uttar Pradesh, Telangana, and Kerala.
- Impact on Young Women: Research indicates that online abuse disproportionately affects young women. In a survey of 400 students from 111 Indian higher education institutions (HEIs), it was found that around 60% of women experienced some form of Technology Facilitated Sexual Violence, compared to only 8% of men.
- Global Perspective: A global study by the Economist Intelligence Unit found that 38% of women have had personal experiences of online violence, and 85% of women who spend time online have witnessed digital violence against other women.
Challenges and Issues:
- Uncertainty in Protection: Despite the development of new cybersecurity technologies and protocols aimed at safeguarding systems, networks, and devices, there is a lack of clarity on whether they can provide comprehensive protection against all types of cyber-attacks.
- Lost Time: The West’s focus on the militarization of cyber threats and leveraging its superior capabilities resulted in lost time. This led to misplaced ideas and incorrect generalizations, culminating in a decade of missed opportunities.
- Significant Costs: Many companies fail to realize that inadequate corporate protection and defense can lead to substantial external costs for national security, as demonstrated by the SolarWinds attack.
- Solution Limitations: Technological advancements urge every enterprise to incorporate Secure Access Service Edge (SASE) to mitigate the risk of cyber-attacks. However, additional solutions like Cloud Access Security Broker (CASB) and Secure Web Gateway (SWG), aimed at reducing web-based threats to users, have their limitations.
- Limited Scope of Zero Trust Model and Micro Segmentation: The Zero Trust Model and Micro Segmentation are constantly cited as means to limit cyber-attacks, but they have limited applicability. The Zero Trust Model, which emphasizes strict identity verification and allows only authorized and authenticated users to access data and applications, may not be entirely successful against emerging cyber-attacks.
- Lagging Cybersecurity Experts: Cybersecurity experts should ideally be two steps ahead of cyber criminals. However, this proactive approach seems to be currently lacking.
Steps taken to prevent cyber-attacks:
- Indian Computer Emergency Response Team (CERT-In): CERT-In serves as the national agency that responds to computer security incidents as they occur.
- Indian Cyber Crime Coordination Centre (I4C): I4C was established to handle all forms of cybercrime in the country in a coordinated and comprehensive manner.
- National Cyber Forensic Laboratory: This is a national-level laboratory for cyber forensics.
- National Cyber Crime Reporting Portal: This portal was launched to enable the public to report all types of cybercrimes, with a special emphasis on crimes against women and children.
- Citizen Financial Cyber Fraud Reporting and Management System: This system was launched for the immediate reporting of financial frauds to prevent fraudsters from siphoning off funds.
- National Cyber Forensic Laboratory (Investigation): Located in New Delhi, this laboratory provides early-stage cyber forensic assistance to Investigating Officers.
- National Cyber Forensic Laboratory (Evidence): Established in Hyderabad, this laboratory offers necessary forensic support in cybercrime cases, preserves evidence, and conducts analysis in accordance with the Information Technology Act and Evidence Act.
- National Cyber Security Coordinator: Operating under the National Security Council Secretariat, this coordinator liaises with different agencies at the national level on cybersecurity issues.
- National Critical Information Infrastructure Protection Centre: This centre was established to protect the national critical information infrastructure.
- Cyber Swachhta Kendra: This Botnet Cleaning and Malware Analysis Centre was launched to detect malicious software programs and provide free tools for their removal.
- National Cyber Coordination Centre: This centre works to raise awareness about existing and potential threats.
- Cyber Crisis Management Plan: This plan was formulated to counter cyber-attacks.
- Centre for Financial Literacy Project: Launched by the Reserve Bank of India in 2017, this pilot project on financial literacy aims to adopt community-led innovative and participatory approaches.
- Massive Open Online Courses (MOOC) platform: The ‘CyTrain’ portal, developed under I4C, offers online courses on critical aspects of cybercrime investigation, forensics, prosecution, etc., along with certification for capacity building of police officers/judicial officers.
- Awareness Generation: Messages are disseminated through SMS and I4C social media accounts. Examples include CyberDostI4C on Facebook, radio campaigns, Cyber Safety and Security Awareness weeks, etc.
- Cyber Surakshit Bharat Programme: This public-private partnership aims to educate and enable the Chief Information Security Officers and the broader IT community in Central/State Governments, Banks, PSUs, and Government organizations to address the challenges of cybersecurity.
Way forward:
- Data Defense Priority: The defense of data should be prioritized above all else.
- Role of Law Enforcement Agencies: Law enforcement agencies are crucial in providing an effective defense against cyber-attacks.
- Technical Solutions and Resilience: While addressing the technical aspects is part of the solution, it’s important for networks and data structures to prioritize resilience through decentralized networks, hybrid cloud structures, and backup processes.
- Trust and Backup Plans: There’s a need to prioritize the building of trust in systems and the creation of backup plans. This includes making strategic decisions and building capacity within networks to ensure survival even if one node is attacked.
- Importance of Resilience: Failure to build resilience at both the technical and human level will result in a continuous cycle of cyber attacks and the ensuing distrust, posing a threat to the foundations of democratic society.
Source: PIB
Practice Question
Discuss the growing incidence of cyber-crimes in India. Analyze the steps taken by the Indian government to combat these threats and suggest measures to enhance the resilience of our digital infrastructure. Substantiate your answer with relevant examples. (250 words)