- In 2020, the National Cyber Security Strategy was conceptualised by the Data Security Council of India (DSCI) headed by Lt General Rajesh Pant. The report focused on 21 areas to ensure a safe, secure, trusted, resilient, and vibrant cyberspace for India.
- However, amid a surge in cyberattacks on India’s networks, the Centre is yet to implement the National Cyber Security Strategy.
- Increasing Number Of Cyber Attacks: As per American cybersecurity firm Palo Alto Networks’ 2021 report, Maharashtra was the most targeted state in India — facing 42% of all ransomware attacks.
- The report stated that India is among the more economically profitable regions for hacker groups and hence these hackers ask Indian firms to pay a ransom, usually using cryptocurrencies, in order to regain access to the data.
- One in four Indian organisations suffered a ransomware attack in 2021 — higher the the global average of 21%.
- The US is just one of many countries that have invested significant amounts of money in developing not just defences against attack, but the ability to mount damaging cyber warfare offensives.
- The countries which are believed to have the most developed cyber warfare capabilities are the US, China, Russia, Israel and the United Kingdom.
- Critical infrastructure is getting digitised in a very fast way — this includes financial services, banks, power, manufacturing, nuclear power plants, etc.
- It is particularly significant given the increasing interconnectedness of sectors and proliferation of entry points into the internet, which could further grow with the adoption of 5G.
- There were 6.97 lakh cyber security incidents reported in the first eight months of 2020, nearly equivalent to the previous four years combined, according to information reported to and tracked by the Indian Computer Emergency Response Team (CERT-In).
Recent Cyber Attacks:
- There has been a steep rise in the use of resources like malware by a Chinese group called Red Echo to target “a large swathe” of India’s power sector.
- Red Echo used malware called ShadowPad, which involves the use of a backdoor to access servers.
- The Chinese hacker group known as Stone Panda had “identified gaps and vulnerabilities in the IT infrastructure and supply chain software of Bharat Biotech and the Serum Institute of India.
Suggestions from the report
- A minimum allocation of 0.25% of the annual budget which can be raised upto 1% has been recommended to be set aside for cyber security.
- In terms of separate ministries and agencies, 15-20% of the IT/technology expenditure should be earmarked for cybersecurity.
- It also suggests setting up a Fund of Funds for cybersecurity and providing Central funding to States to build capabilities in the same field.
- Research, Innovation, Skill-Building And Technology Development: The report suggests investing in modernisation and digitisation of ICT, setting up a short and long term agenda for cyber security via outcome-based programs and providing investments in deep-tech cyber security innovation.
- DSCI further recommends creating a ‘cyber security services’ with cadres chosen from the Indian Engineering Services.
- For adequate preparation to handle a crisis, DSCI recommends holding cybersecurity drills which include real-life scenarios with their ramifications.
SOURCE: THE HINDU,THE ECONOMIC TIMES,MINT