In the realm of cyberspace to which most of us have been 'locked in' for the past few weeks, security threats have only sky-rocketed. What's worse, the new favourite targets of cybercriminals are the very people on the front lines of the battle against COVID-19—hospitals and healthcare professionals. They are targeted by Ransomware attacks, designed to lock them out of their critical systems in an attempt to extort payments.
There has been an increasing number of COVID-19 based cyber threat events in India and across the world ranging from phishing website campaigns, emails claiming to be sent by the World Health Organization, and even malicious Android apps, including mobile banking Trojans.
In this article, we will discuss the Cyberspace and Cybersecurity, Reasons behind cyber attacks and measures taken by the Government to deal with them.
It is a malicious and deliberate attempt by an individual or organization to breach the information system of another individual or organization.
Cyber Crime: Cyber-attack is "any type of offensive manoeuvre employed by individuals or whole organizations that targets computer information systems, infrastructures, computer networks with an intention to damage or destroy a targeted computer network or system.
Cyber Terrorism: Acts of Terrorism related to cyberspace and /or executed using Cyber technologies is popularly known as 'cyber terrorism'.ISIS use this tool to recruit people from around the globe, and now cyberspace is used by different terrorist organizations to train terrorists(example: methods of bomb-making, etc.), prepare the plan for terrorist attacks, etc.
Cyber Warfare: The Fifth domain of warfare
The evolution of technology impacts the nature of conflict and war. Cyber Warfare is a very recent yet evolving phenomenon. Many countries use cyberspace to destroy or damage the infrastructure of the enemy country. In this regard, China is very popular for making cyber attacks on other countries, including U.S.A and India.
Aim of Cyber Attacks
- To seek commercial gain by hacking banks and financial institutions.
- To attack critical assets of a Nation.
- To penetrate into both corporate and military data servers to obtain plans and intelligence.
- To hack sites to virally communicate a message for some specific campaign related to politics and society.
- Ransomware attacks and COVID-19: According to a report of K7 Computing Pvt. Ltd, hospitals and healthcare professionals are targeted by Ransomware attacks to extort payments by cybercriminals.
- WannaCry: It was a ransomware attack that spread rapidly in May 2017. The ransomware locked users' devices and prevented them from accessing data and software until a certain ransom was paid to the criminals. Top five cities in India (Kolkata, Delhi, Bhubaneswar, Pune and Mumbai) got impacted due to it.
- Mirai Botnet: Mirai is malware that infects smart devices that run on ARC processors, turning them into a network of remotely controlled bots or zombies. This network of bots, called a botnet, is often used to launch Distributed Denial of Service (DDoS) attacks. In September 2016, Mirai malware launched a DDoS attack on the website of a well-known security expert.
Cybersecurity is the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks. In the digital era, it is essential for every nation to protect its infrastructure from any cyberattacks.
In the absence of robust Cybersecurity, there could be leakage of sensitive Government information, which could result in loss of wealth for citizens and Government.
- Increased use of mobile technology and the Internet by people
- The proliferation of the Internet of Things (IoT) and lack of proper security infrastructure in some devices
- Cyberspace has inherent vulnerabilities that cannot be removed.
- Internet technology makes it relatively easy to misdirect attribution to other parties.
- It is generally seen that attack technology outpaces defence technology.
- Lack of awareness of Cybersecurity
- Shortage of Cybersecurity specialists
- Increased use of cyberspace by terrorists.
- The International Telecommunication Union (ITU) is a specialized agency within the United Nations which plays a leading role in the standardization and development of telecommunications and cybersecurity issues.
- Budapest Convention on Cybercrime: It is an international treaty that seeks to address Internet and computer crime (cybercrime) by harmonizing national laws, improving investigative techniques, and increasing cooperation among nations. It came into force on 1 July 2004. India is not a signatory to this convention.
- Internet Governance Forum (IGF): It brings together all stakeholders, i.e. Government, private sector and civil society on the Internet governance debate. It was first convened in October–November 2006
Laws and Cybersecurity Preparedness of India
1.Information Technology Act, 2000
- The act regulates the use of computers, computer systems, computer networks and also data and information in electronic format.
- The act lists down among other things, following as offences:
- Tampering with computer source documents.
- Hacking with a computer system
- Act of cyber terrorism, i.e. accessing a protected system with the intention of threatening the unity, integrity, sovereignty or security of the country.
- Cheating using computer resources etc.
2.National Cybersecurity Policy,2013
It aims to protect information and information infrastructure in cyberspace, build capabilities to prevent and respond to cyber threats, reduce vulnerabilities and minimize damage from cyber.
- The CERT-IN-National nodal agency for responding to computer security incidents as and when they occur.
- Central Information Security Officer in all private and public organizations.
3.Indian Cyber Crime Coordination Centre (I4C)
- The Indian Cyber Crime Coordination Centre (I4C) was recently inaugurated by the Government.
- It will be set up under the newly created Cyber and Information Security (CIS) division of the Ministry of Home Affair.
4.National Critical Information Information Protection Center
- It was established under the Information Technology Act, 2000 to secure India's critical information infrastructure.
- It is designated as the National Nodal Agency in respect of Critical Information Infrastructure Protection.
5.Training of 1.14 Lakh persons through 52 institutions under the Information Security Education and Awareness Project (ISEA) – a project to raise awareness and to provide research, education and training in the field of Information Security.
6.International cooperation: Looking forward to becoming a secure cyber ecosystem, India has joined hands with several developed countries like the United States, Singapore, Japan, etc. These agreements will help India to challenge even more sophisticated cyber threats.
- Real-time intelligence is required for preventing and containing cyber attacks.
- Periodical' Backup of Data' is a solution to ransomware.
- Using Artificial Intelligence (AI) for predicting and accurately identifying attacks.
- Using the knowledge gained from actual attacks that have already taken place in building a practical and pragmatic defence.
- Increased awareness about cyber threats for which digital literacy is required first.
- India needs to secure its computing environment and IoT with current tools, patches, updates and best-known methods in a timely manner.
- The need of the hour for Indian Government is to develop core skills in Cybersecurity, data integrity and data security fields while also setting stringent cybersecurity standards to protect banks and financial institutions.
More from us.
The Most Comprehensive Exam Prep App.