Cyber Security in India: Is our data safe or in Danger?

Author: Soudip Das, Adamas University


This article examines the current state of cybersecurity in India, focusing on the threats posed by evolving cyber-attacks, notable breaches across various sectors, and initiatives undertaken by the Indian government to improve cybersecurity. The discussion focuses on the different types of cyber threats that exist in the country, recent high-profile cyber-attacks on organisations, and the legal framework in place to combat cybercrime. It also looks at India’s challenges in securing critical infrastructure, the financial sector, and addressing data privacy concerns. 

The article discusses the Indian government’s initiatives, such as the Cyber Surakshit Bharat Initiative, the National Cybersecurity Policy, Cyber Swachhta Kendra, CERT-In, the Defence Cyber Agency, and the Indian Cyber Crime Coordination Centre. Despite these efforts, challenges in ensuring robust cybersecurity remain, including critical infrastructure vulnerabilities, financial sector threats, data breaches, cyber espionage, APTs, and supply chain vulnerabilities.

The article concludes with a set of recommendations to strengthen cybersecurity in India, highlighting the importance of an updated legal framework, enhanced cybersecurity capabilities, and expanded international cooperation. To effectively combat evolving cyber threats, it calls for increased investment in human and technological resources, the establishment of cybersecurity centres of excellence, and collaboration among various stakeholders. The article encourages India to actively participate in regional and international dialogues in order to build trust, share threat intelligence, and harmonise cybersecurity standards for a more secure cyberspace.


In an era dominated by digital interconnectedness, the concept of ‘cybersecurity’ has become critical in protecting the integrity of nations, organisations, and individuals alike. Because cyberspace is the backbone of modern information exchange and economic transactions, protecting it from malicious cyber threats cannot be overstated. This is especially true in a country like India, where rapid technological advancements coexist with an increasing number of cyber threats. As the country moves toward a digital future, concerns about the security of sensitive data and critical infrastructure have emerged. This article delves into the Indian cybersecurity landscape, examining the evolving nature of cyber threats, notable cyber-attacks on Indian entities, government initiatives, current challenges, and recommendations to strengthen the nation’s cybersecurity posture. India is at a crossroads in navigating the intricate web of cyberspace security, where strategic decisions and collaborative efforts will determine the resilience of its digital ecosystem against ever-evolving cyber threats.

Research Methodology 

The present study has referred to secondary sources of data to analyze the Cyber-law in India. The secondary data source includes journals, articles, reports published by the government, and websites of different governmental and non-governmental agencies and organizations. 

What is Cybersecurity?

The term ‘Cyber’ refers to computer culture, information technology, and virtual reality. Cyberspace is formed by the interconnection of internet ecosystems. The threat to cyberspace creates a problem and necessitates the need for cybersecurity. 

Cybersecurity refers to the safeguarding of internet-connected devices and services against malicious cyber-attacks by hackers, spammers, and cybercriminals. Companies use the practice to guard against phishing schemes, ransomware attacks, identity theft, data breaches, and financial losses.

Types of Cyber Attacks

There are several types of cyber-attacks that have evolved over time:

  1. Virus – Malware that replicates and spreads itself by inserting copies of itself into other executable code or documents.
  2. Website Hacking – Unauthorized access to any website in a personal or professional setting.
  3. Malicious Codes – This is a type of security threat in which any code present in software has the potential to cause harm, breach system security, or cause system damage.
  4. Advanced Worm and Trojan – This is another malware that masquerades as regular software but, once activated, causes damage to the hard drive, background systems, and allocation systems.
  5. Identity Theft and Phishing – A cyber-attack that uses fraudulent emails posing as authorized entities to persuade people to reveal their information (personal and professional).
  6. DOS, DDOS – DOS is an abbreviation for Denial-of-Service attack, and DDOS is an abbreviation for Distributed Denial-of-Service attack. The attackers make the machine or network unavailable by disrupting host network services with a flood of unnecessary requests to overload systems. When such a flood of requests comes from multiple sources, it is referred to as DDOS.
  7. Cyber Espionage – When the privacy of a government or important organization is jeopardized due to the illegal use of computer networks to obtain confidential information.
  8. Cyber Warfare – The deliberate use of computer technology to attack information systems in order to disrupt state activities, particularly for military purposes.

Well Known Cyber-Attacks Across India

There have been numerous disastrous cyber-attacks on organizations across India. Unacademy, an edtech startup, suffered a data breach in May 2020, compromising the accounts of 22 million Indian users. The compromised accounts’ email addresses, usernames, and passwords were sold on the dark web.

User data from the massive online grocery platform BigBasket was put up for sale in an online cybercrime market in October 2020. For $40,000, the personal information of approximately 20 million Indian users was sold. Names, email IDs, PINs, mobile numbers, password hashes, addresses, locations, dates of birth, and IP addresses were among the data on offer. 

COVID-19 lab test results of thousands of Indian patients were leaked online in January 2021, ostensibly by government websites. The leaked information was made publicly available on Google. Patients’ dates of birth, full names, test centres, and testing dates were among the sensitive information. 

In February 2021, 500,000 Indian police personnel’s personally identifiable information (PII) was put up for sale on a database sharing forum. The data was traced back to a police exam on December 22, 2019. The leaked information included the exam candidates’ full names, email addresses, phone numbers, dates of birth, criminal histories, and FIR records.

Upstox, Asia’s second-largest stockbroker, experienced a data breach in April 2021 that affected 2.5 million customers. Over 56 million KYC data files were leaked, including email IDs, dates of birth, passports, PANs, and other personal information. By breaching a third-party warehouse, the infamous hacker group ShinyHunters gained access to the KYC details and contact information.

After a cyber-attack on the job portal IIMjobs in November 2020, the data of 1.4 million Indian job seekers was leaked online. The victims’ names, email addresses, phone numbers, exact location, links to their LinkedIn profiles, and industry of work were all compromised. 

These incidents clearly demonstrate the current state of India’s cyber-security system.

India’s Initiative so Far

The Indian government is undertaking a number of initiatives to improve cybersecurity. With the rapid advancement of information technology, providing a safe and secure cyberspace is critical. Several laws and policy instruments support cybersecurity:

  1. Information Technology Act, 2000
  2. Information Technology Amendment Act 2008 (ITAA)
  3. National Cyber Security Strategy 2020

Beyond these, India has taken several other initiatives, which are discussed below:

Cyber Surakshit Bharat Initiative was launched to raise awareness about cybercrime and to develop safety measures for Chief Information Security Officers (CISOs) and frontline IT staff across all government departments.

The National Cybersecurity Policy aims to create a safe and resilient cyberspace for citizens, businesses, and the government. It outlines various goals and strategies for protecting cyberspace information and infrastructure, developing capabilities to prevent and respond to cyber-attacks, and minimizing damage through collaborative efforts of institutional structures, people, processes, and technology.

India has also launched Cyber Swachhta Kendra. It is the Botnet Cleaning and Malware Analysis Centre, operated by the Indian Computer Emergency Response Team (CERT-In) under the Ministry of Electronics and Information Technology (MeitY). The aim of Cyber Swachhta Kendra is to promote awareness among Indian citizens to secure their data in computers, mobile phones, and other electronic devices.

CERT-In (Computer Emergency Response Team): It is a MeitY organisation that collects, analyses, and disseminates information about cyber incidents, as well as issues cybersecurity alerts.

Defence Cyber Agency (DCyA): The DCyA is an Indian Armed Forces tri-service command in charge of dealing with cyber security threats. It is capable of conducting cyber operations, such as hacking, surveillance, data recovery, encryption, and countermeasures, against various cyber threat actors.

Critical information infrastructure (CII): A computer resource whose destruction would have a crippling effect on national security, the economy, public health, or safety. The government established the National Critical Information Infrastructure Protection Centre (NCIIPC) to safeguard the critical information infrastructure (CII) of various sectors, including power, banking, telecommunications, transportation, government, and strategic enterprises.

The Indian Cyber Crime Coordination Centre (I4C) was established to provide law enforcement agencies with a framework and eco-system for dealing with cybercrime comprehensively and in a coordinated manner. It is divided into seven sections: 

  1. National Cyber Crime Threat Analytics Unit
  2. National Cyber Crime Reporting Portal
  3. National Cyber Crime Training Centre
  4. Cyber Crime Ecosystem Management Unit
  5. National Cyber Crime Research and Innovation Centre
  6. National Cyber Crime Forensic Laboratory Ecosystem
  7. Platform for Joint Cyber Crime Investigation Team

Challenges in Ensuring Cybersecurity in India

Vulnerability of Critical Infrastructure: India’s critical infrastructure, such as power grids, transportation systems, and communication networks, is vulnerable to cyber-attacks, which can disrupt essential services and jeopardize public safety and national security. In October 2019, for example, there was an attempted cyber-attack on the Kudankulam Nuclear Power Plant.

Threats to the Financial Sector: The Indian financial sector is vulnerable to cyberattacks by cybercriminals looking to profit from stealing or extorting money. Financial losses, identity theft, and a loss of trust in the financial system can all result from attacks on banks, financial institutions, and online payment systems. In March 2020, for example, a malware attack on the City Union Bank’s SWIFT system resulted in unauthorised transactions totaling USD 2 million.

Breach of Data and Privacy Concerns: As India transitions to a digital economy, the amount of personal and government data stored online grows. This also raises the possibility of data breaches, in which hackers gain access to and leak sensitive information. Data breaches can have serious consequences for individuals’ and organisations’ privacy and security. In May 2021, for example, the personally identifiable information (PII) and test results of 190,000 candidates for the 2020 Common Admission Test (CAT), which was used to select applicants to the IIMs, were leaked and sold on a cybercrime forum.

Cyber Espionage: The use of cyber-attacks to spy on or sabotage the interests of other countries or entities is known as cyber espionage. Like other countries, India is a target for cyber espionage activities aimed at stealing confidential information and gaining a strategic advantage. Cyber espionage has the potential to undermine India’s national security, foreign policy, and economic development. In 2020, for example, a cyber espionage campaign known as Operation SideCopy (a Pakistani threat actor) was discovered that targeted Indian military and diplomatic personnel with malware and phishing emails.

APTs (Advanced Persistent Threats): APTs are complex and lengthy cyber-attacks that are typically carried out by well-resourced and skilled groups. These attacks are intended to infiltrate and stay hidden in the target’s network for an extended period of time, allowing them to steal or manipulate data or cause damage. APTs are difficult to detect and counter because they employ sophisticated techniques and tools to circumvent security measures. In February 2021, for example, RedEcho, a cyber security firm, revealed that a China-linked APT group had targeted 10 entities in India’s power sector with malware that could potentially cause power outages.

Vulnerabilities in the Supply Chain: Supply chain vulnerabilities are flaws in the software or hardware components used by the government and businesses in their operations. Cyber attackers can use these flaws to compromise the systems and services that rely on these components, causing widespread damage. For example, in December 2020, several Indian organizations were affected by a global cyberattack on SolarWinds, a US-based software company that provides network management tools. These organizations included the National Informatics Centre (NIC), the Ministry of Electronics and Information Technology (MeitY), and Bharat Heavy Electricals Limited (BHEL).

Recommendations: Ways to improve cybersecurity in India

Strengthening Existing legal framework: The Information Technology (IT) Act of 2000, which has been amended several times to address new challenges and threats, is India’s primary legislation governing cybercrime. However, there are some gaps and limitations in the IT Act, such as a lack of clear definitions, procedures, and penalties for various cyber offences, as well as a low conviction rate for cyber criminals. India must enact comprehensive and up-to-date cyber security legislation that addresses all aspects of cyber security, including cyber terrorism, cyber warfare, cyber espionage, and cyber fraud.

Enhancing Cyber Security Capabilities: The National Cyber Security Policy, Cyber Cells and Cybercrime Investigation Units, Cyber Crime Reporting Platforms, and Capacity Building and Training programs are all part of India’s efforts to improve cyber security.

These efforts, however, remain insufficient and fragmented, as India struggles with a lack of technical staff, cyber forensics facilities, cyber security standards, and coordination among various stakeholders.

India must invest more in developing its human and technological resources, creating cyber security centres of excellence, implementing best practises and standards, and encouraging collaboration and information sharing among various agencies and sectors.

Expanding International Cooperation: India is not alone in facing cyber security challenges, as cyber-attacks cross national borders and affect the global community. India should work more closely with other countries and international organisations, such as the United Nations, the International Telecommunication Union, Interpol, and the Global Forum on Cyber Expertise, to share best practises, share threat intelligence, harmonise cyber laws and norms, and collaborate in cyber investigations and prosecutions.

To build trust and confidence and address common cyber security issues and interests, India should participate more actively in regional and bilateral dialogues and initiatives such as the ASEAN Regional Forum, the BRICS, and bilateral forums such as the Indo-US Cyber Security Forum.


Finally, the Indian cybersecurity landscape is marked by both progress and persistent challenges. While the government has taken commendable steps to strengthen the nation’s digital defences, the increasing frequency and sophistication of cyber-attacks highlight the importance of continuous improvement and adaptability in the face of evolving threats. The cybersecurity situation in India reflects a broader global trend, in which digital transformation brings unprecedented opportunities but also increases risks. Critical infrastructure vulnerabilities, financial sector threats, data breaches, cyber espionage, advanced persistent threats, and supply chain vulnerabilities all necessitate comprehensive and proactive strategies.

While India’s legal framework is evolving, it still needs to be strengthened in order to effectively combat cybercrime. A strong cybersecurity legislative framework must include clear definitions, streamlined procedures, and severe penalties. Improving cybersecurity capabilities through the establishment of cyber centres of excellence, cultivating a skilled workforce, and encouraging collaboration among various stakeholders are also critical. International cooperation is critical in dealing with the borderless nature of cyber threats. Collaboration with other nations and global organisations facilitates the exchange of best practises, threat intelligence, and cyber law harmonisation. Participation in regional and bilateral forums strengthens trust and confidence, as well as the collective ability to address shared cybersecurity concerns.

In essence, securing India’s cyberspace is a never-ending journey requiring constant vigilance, innovation, and collaboration. Government initiatives, in conjunction with private sector engagement, academic research, and international cooperation, can collectively contribute to the nation’s building of a resilient and secure digital ecosystem. As technology advances, a steadfast commitment to cybersecurity will be critical to protecting the nation’s data, critical infrastructure, and citizens’ overall well-being in an increasingly interconnected world.
