Security Issues

Cyberattacks: India’s Chance to Create a Global Cyber Security Framework

The soft underbelly of our rapidly expanding digital networks has been exposed in recent weeks. Ransomware is now the most common type of malicious cyberattack. In such attacks, the perpetrators demand large sums of money in exchange for the release of withheld data. According to data, over 75% of Indian organisations have been subjected to such attacks, with each breach costing an average of 35 crore in damage.

There have been two recent ransomware attacks.

  • AIIMS Ransomware Attack: The first was a ransomware attack on the servers of All-India Institute of Medical Sciences, India’s premier institute. Nearly 40 million health records were compromised, and it took more than two weeks to bring the systems back online.
  • Soon after, a ransomware gang known as BlackCat breached the parent company of Solar Industries Limited, one of the Ministry of Defence’s ammunition and explosives manufacturers, and extracted over 2 terabytes of data.

What exactly is a cyber-attack?

  • Cyberattacks are unauthorised attempts to steal, expose, alter, disable, or destroy information via computer systems.
  • These attacks can target a variety of entities, including governments, businesses, organisations, and individuals, and can result in serious consequences such as the theft of sensitive information, financial loss, reputational damage, or the disruption of critical services.

Who is responsible for cyberattacks?

  • Cyberattacks against businesses can be carried out by criminal organisations, state actors, and private individuals. Outsider versus insider threats is one way to categorise cyberattack risks.
  • External threats: External cyber threats include organised criminals or criminal groups, professional hackers such as state-sponsored actors, and amateur hackers such as hacktivists.
  • Insider threats: Insider threats are users who have authorised and legitimate access to a company’s assets and intentionally or unintentionally misuse them. They include employees who disregard security policies and procedures; dissatisfied current or former employees; and business partners, clients, contractors, or suppliers with access to the system.

Increasing vulnerability

  • Malware exists that can infect all types of computer systems: With the distinction between the physical and digital realms becoming increasingly blurred, every critical infrastructure, from transportation to power and banking systems, would become extremely vulnerable to attacks from hostile state and non-state actors.
  • Cyber capabilities are becoming increasingly important: For example, as seen in Ukraine’s ongoing conflict, electronic systems in warheads, radars, and communication devices have reportedly been rendered ineffective by hacking and GPS jamming.
  • Cyber security breaches would only become more common: With the advent of 5G and quantum computing, the potency of malicious software and avenues for digital security breaches will only grow.
  • For example, cybercrime is expected to cause $8 trillion in worldwide damage this year.

The cybersecurity architecture of India

  • CERT-In: In 2022, India’s cybersecurity agency, the Indian Computer Emergency Response Team (CERT-In), issued a set of guidelines for organisations to follow when connected to the digital realm. These included the mandatory requirement to report cyberattack incidents within hours of becoming aware of them, as well as the designation of a point person with domain knowledge to interact with CERT-In.
  • The draft Digital Personal Protection Bill 2022 of India proposes a fine of up to 500 crore for data breaches.
  • DCyA (Defence Cyber Agency): India’s armed forces recently established a Defence Cyber Agency capable of offensive and defensive manoeuvres. Every Indian state has its own cyber command and control centre.
  • The Indian Cybercrime Coordination Centre (I4C), established by the Ministry of Home Affairs, serves as a node in the response to cybercrime by coordinating with state police forces across the country. It also coordinates the implementation of mutual legal assistance treaties (MLATs) with other countries.

Limitations of the cybersecurity infrastructure in India

  • Lack of tools to detect: Most organisations lack the tools to detect, let alone prevent, cyberattacks.
  • Cybersecurity professionals are in short supply: India also has a severe shortage of cybersecurity professionals. In comparison to the 1.2 million people in the United States, India is expected to have a total workforce of around 3,00,000 in this sector.
  • The majority of our organisations are in the private sector, and their participation in India’s cybersecurity structures remains limited.

It is critical to have a global perspective

  • International collaboration is essential: With the majority of cyberattacks emanating from outside our borders, international cooperation would be critical to maintaining the security of our digital space. It would also be a cause with international appeal.
  • Cybersecurity treaties: India has already signed cybersecurity treaties with the United States, Russia, the United Kingdom, South Korea, and the European Union, among others.
  • There are multinational frameworks, but no truly global framework: Even in multinational frameworks such as the Quad and the I2U2 (of both of which India is a member), efforts are being made to improve cooperation in cyber incident response, technology collaboration, capacity building, and cyber resilience. However, there is no truly global framework, with many organisations operating in silos.
  • The UNGA established two ICT processes: The United Nations General Assembly established two processes to address security issues in the information and communication technology (ICT) environment.
  • One is the Open-ended Working Group (OEWG), comprising the entire UN membership, established through a resolution by Russia.
  • The other is the Group of Governmental Experts (GGE), comprising 25 countries from all major regions, continued through a resolution by the United States.
  • Differences on many aspects of the Internet: The two antagonistic permanent members of the United Nations Security Council, which are India’s most important strategic partners, disagree on many aspects of the Internet, including openness, data flow restrictions, and digital sovereignty. These UN groups would struggle to hold effective dialogues in the midst of current world events.

Conclusion

The G-20 summit in India this year, which will include all of the stakeholders driving the global levers of power, is a once-in-a-lifetime opportunity to bring together domestic and international engagement groups from across the spectrum and steer the direction of these consultations. India could make an effort to conceptualise a global framework of common minimum acceptance for cybersecurity. This would be one of the most significant contributions to collective security made by any nation in modern times.
