UPSC CSE – SYLLABUS – GS – 3- Challenges to internal security through communication networks, role of media and social networking sites in internal security challenges, basics of cyber security; money-laundering and its prevention.
Increasing Cyber Intrusions
Cyber Intrusions and Attacks have increased dramatically over the last decade, exposing sensitive personal and business information, disrupting critical operations, and imposing high costs on the economy. India was ranked among the top five countries to be affected by cybercrime, according to a 22 October report by online security firm” Symantec Corp.
Cyberspace has inherent vulnerabilities that cannot be removed. With an increase in internet penetration, India faces the following challenges,
- Innumerable entry points to internet that increases vulnerability.
- Assigning attribution: Internet technology makes it relatively easy to misdirect attribution to other parties.
- Computer Network Defense techniques, tactics and practices largely protect individual systems and networks rather than critical operations (missions).
- Attack technology outpacing defense technology
- Nation states, non-state actors, and individuals are at a peer level, all capable of waging attacks.( malware attack on Kudankulam Nuclear Power Plant, Petya ransomware attack)
- Sophisticated methods used: Phishing and social engineering, Malware Spear Phishing, Denial of service Out of date software , ransomware ,etc.
Measures taken so far:
- Establishment of National Critical Information Infrastructure Protection Centre (NCIIPC) for protection of critical information infrastructure in the country.
- All organizations providing digital services have been mandated to report cyber security incidents to CERT-In expeditiously.
- Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre) has been launched for providing detection of malicious programmes and free tools to remove such programmes.
- Issue of alerts and advisories regarding cyber threats and counter-measures by CERT-In.
- Issue of guidelines for Chief Information Security Officers (CISOs) regarding their key roles and responsibilities for securing applications / infrastructure and compliance.
- Provision for audit of the government websites and applications prior to their hosting, and thereafter at regular intervals.
- Empanelment of security auditing organisations to support and audit implementation of Information Security Best Practices.
- Formulation of Crisis Management Plan for countering cyber-attacks and cyber terrorism.
- Conducting cyber security mock drills and exercises regularly to enable assessment of cyber security posture and preparedness of organizations in Government and critical sectors.
- Conducting regular training programmes for network / system administrators and Chief Information Security Officers (CISOs) of Government and critical sector organisations regarding securing the IT infrastructure and mitigating cyber-attacks.
- A scheme for establishment of Indian Cyber Crime Coordination Centre (I4C) to handle issues related to cybercrime in the country in a comprehensive and coordinated manner.
- Steps to spread awareness about cybercrimes, issue of alerts/advisories, capacity building/training of law enforcement personnel/ prosecutors/ judicial officers, improving cyber forensics facilities etc. to prevent such crimes and to speed up investigation.
- Technologies like Artificial Intelligence and Machine learning could be adopted for cyber defense.
- India needs to create a layered defense. Further, investing in Cyber security research and development is required.
- State Cybersecurity Framework shall be envisaged in P-P-P Model.
- Security Audit Adhering to international standards applicable for all govt. websites, applications before hosting and publishing.
- Cybersecurity drills shall be carried out under the supervision of I-CERT.
- agencies implementing IT Projects shall allocate appropriate budget towards compliance with the security requirement of IT Act 2000
- Finally, awareness creation and digital literacy are the need of the hour.
Source:” Financial Express”.
POSSIBLE UPSC MAINS EXAMINATION: