[Solved] Discuss the potential threats of Cyber attack and the security framework to prevent it ( UPSC GS-3 Mains 2017)

[Solved] Discuss the potential threats of Cyber attack and the security framework to prevent it ( UPSC GS-3 Mains 2017)

As India shifts to a cashless economy, cyber threats are at a new high with the number of such incidents occurring in banking systems increasing in the last five years.India witnessed more than 27, 000 cyber security threat incidents in the first half of 2017.

 Potential threats of cyber-attacks:

 • Threats reported include phishing attacks, website intrusions and defacements or damages to data as well as ransomware attacks.

 • The types of cyber security incidents such as phishing, scanning, website intrusions and defacements, virus code and denial of service attacks are likely to grow.

 • There is an ever-growing threat to the economy, financial sector, key government departments and infrastructure set-up, which in turn leaves internal security at risk

 • India remains vulnerable to digital intrusions such as cyber-espionage, cybercrime, digital disruption and Distributed Denial of Service (DoS).

 Security framework:

 • Internal response:

 – The Government of India took the first formalized step towards cyber security in 2013 with National Cyber Security Policy, 2013

 – CERT-In is an emergency response team set up under the Ministry of Electronics and Information Technology for dealing with a range of cyber-attacks. Apart from this, the Government of India has four Sectoral Computer Emergency Response Teams to address Cyber Security Threats in Power Systems: Transmission, Thermal, Hydro and Distribution.

 – To combat cyber security violations and prevent their increase, Government of India’s Computer Emergency Response Team (CERT-in) launched ‘Cyber Swachhta Kendra’a new desktop and mobile security solution for cyber security in India.

 – Apart from this, Government ha also developed apps, software, etc to make devices safe.

 •  External collaboration: The Indian government has entered into cyber security collaborations with countries such as the USA, European Union and Malaysia. The U.K. has agreed to assist in developing the proposed National Cyber Crime Coordination Centre in India.

 Suggestions:

 • There is need to work on recruiting more work force and building capacitywith professionals havingexpertise, training and motivation needed to deal with cyber criminals,

 • India’s budgetary allocation towards cyber security was only about Rs 42.2 crore in 2012-13.This needs to increase.

 • There is need to setting up high-end cyber labs that are capable of critically inspecting every IT component before these are deployed in critical infrastructure across industry sectors.

 Potential threat

  • Cyber attack is a particularly major threat to sectors identified under Critical Information Infrastructure (CII) that include financial systems, air traffic control and telecommunications.
  • First, all the sectors identified as CII are dependent on connectivity. Debilitating attack on any one system can cause a cascading effect, disrupting the functioning of other systems.
  • Second, CII is highly dependent on industrial control systems, which depend on digital instructions. Any malicious takeover of these systems will not only disrupt but also seize functioning of CII.
  • Third, many CII, such as air traffic control, is dependent on navigational data, which is especially vulnerable to spoofing. If the integrity of this data cannot be ensured, the input of false data can have disastrous consequences.

 Security Framework

  • The Indian government has also been aggressively addressing the rising prevalence of cyber threats.  National Cyber Security Policy 2013 has been framed to create a secure cyber ecosystem, ensure compliance with global security systems and strengthen the regulatory framework. The union budget for 2017 included the formation of Computer Emergency Response Team (CERT) for the financial sector.
  • The government has also sought data security protocol details from several smart phone manufacturers insisting that mobile manufacturing units be security-compliant. The Technology Development Board and Data Security Council of India (DSCI) have jointly decided to promote cyber security startups in India.
  • NASSCOM and DSCI Cyber security Task Force have also launched a roadmap to develop the cyber security ecosystem to $35 USD billion by 2025.

 Further reading..

 The number of people having access to the internet In India is increasing day by day. Despite the untapped potential, India already is the 2nd largest online market worldwide. Although the advancement of technology and the internet has brought with it all related benefits but has also led to an increase in the cybercrime affecting people globally. The crime like the Pegasus snooping scandal, Wannacry attack has shown vulnerability of India to cyber-crime threats.

  • Various threats and challenges to cyber-security in India:
  • Cyber terrorism: It is premeditated, politically motivated attack against information, computer systems, computer programs, and data which results in violence.
  • Digital Data Threat: Growing online transactions have generated bigger incentives for cybercriminals. Besides, establishments looking to mine data (customer information, results of product surveys, and generic market information), they also create intellectual property that is in itself an attractive target.

 Cyber warfare:It involves the actions by a nation-state or international organization to attack and attempt to damage another nation’s computers or information networks.

  • Cyber Infrastructure Concerns: Most equipment and technology systems are vulnerable to cyber threats just like any other connected system. Although the government has set up National Critical Information Infrastructure Protection Centre (NCIIPC), it is yet to identify and implement measures to protect critical information infrastructure.
  • Lack of specialists: Globally, India ranks 2nd in terms of the number of Internet users after China (Internet World Stats, 2017). However, India has a negligible base of cyber-security specialists, when compared to internet user base.
  • Lack of robust law enforcement mechanisms: India’s approach to cyber security has so far been ad hoc and unsystematic. Despite a number of agencies, policies and initiatives, their implementation has been far from satisfactory.
  • Lack of Coordination: Due to the existence of too many agencies with overlapping functions in the field of cyber security, coordination between these agencies is poor.
  • Initiatives are being taken by the government to enhance cyber-security in India: Information Act, 2000: The Information Act, 2000 (amended in 2008) is the primary law for dealing with cybercrime and digital commerce in India.
  • National Cyber Security Policy, 2013: The policy provides the vision and strategic direction to protect the national cyberspace.
  • The CERT-In (Cyber Emergency Response Team – India): CERT-In has been operational since 2004. It is the national nodal agency for responding to computer security incidents as and when they occur.
  • Indian Cyber Crime Coordination Centre (I4C):The Union Government has decided to set up 14C. It will be apex coordination centre to deal with cybercrimes.
  • Cyber Swachhta Kendra:Launched in early 2017, the Cyber Swachhta Kendra provides a platform for users to analyse and clean their systems of various viruses, bots/ malware, Trojans, etc.
  • Cyber Surakshit Bharat: Ministry of Electronics and Information Technology, launched the Cyber Surakshit Bharat initiative to spread awareness about cybercrime and building capacity for safety measures for Chief Information Security Officers (CISOs) and frontline IT staff across all government departments.
  • The Cyber Warrior Police Force: In 2018, the government announced its plans to introduce CWPF. It is proposed to be raised on lines of the Central Armed Police Force (CAPF).
  • Cyber-Crime Prevention against Women & Children’ Scheme:Implemented by the Ministry of Home Affairs, the scheme aims to prevent and reduce cyber crimes against women and children.

The effects of such attack are The effects of such attack are:

  • Destroy the data in computer
  • Vital personal information may theft
  • Fradulent financial transactions , theft of passwords
  • Crucial information pertaining to businesses and other dealings
  • Confidential govt information
  • Pose threat to security and sovereignty of country
  • Affect the relations with foreign countries
  • Security frame work to prevent such attacks include :
  • Create awareness about possible security threats
  • Strong password protection and dont share passwords
  • Strong fire wall protection
  • Don’t open unnecessary advertisements and pop ups
  • Don’t open unsecured wifi connections in our Pcs
  • National cyber emergency responce team to be set up
  • Install/use authenticated softwares only
  • There shold be a dedicated national level policy & act on this cyber world which suits the present future.
  • Tairn/ skill the techies in cyber science
  • Encourage reaserch and development in this field and promote ethical hacking

Way Forward:

  • Building capabilities: There is an urgent need to build capabilities and capacity for application, equipment and infrastructure testing.
  • Human resource: Immediate attention has to be given to human resource development which would increase the number of experts who can effectively manage the cyber security of the country.
  • R&D: Investments should be made on R&D to develop more innovative technologies to address increasing cyber security threats.
  • Policy and Governance: It is important to bring a robust policy and effectively implement the same. Further, duties and responsibilities should be defined clearly for smooth functioning and better coordination among departments and stakeholders.
  • Awareness: A periodic awareness campaign by the government and big private organizations should be conducted to aware people about cyber security threats.
  • Strengthening Private Partnership: It is important to strengthen the public- private partnership on cyber security.
  • Cyber-security is needed in the present era of increasing connectivity. Although the government has taken many proactive steps, much needed to be done to enhance the country’s cyber-security. It is important to bring a robust policy and effectively implement the same.
  • Potential threats of cyber attacks :
  • Threat in cyber space comes from majorly enemy countries and techies who want to make money out of it. Enemy countries they theft information without any intimation, but in later case they introduce some malwares and ransom wares./cyber attack/

For latest Articles [Paper wise GS 1-4] and Solved papers[2010-2020] join us @ https://t.me/UPSCexamNotes1

For solved

UPSC ESSAYS click here

GS Paper 1 click here


Gs Paper 2 click here

Gs paper 3 click here

GS paper 4 click here

Sociology click here

Entertainment click here

Leave a Reply

%d bloggers like this: