Paradoxically, the daily news of cyber-attacks on Indian entities is no longer news. We’ve become habituated to waking up to such reports. CERT-In reported nearly 14 lakh cyber-attacks in 2021. A great many such reports come from quarters such as banking, government offices, companies, and the power sector. The sheer frequency of these attacks has left the public indifferent to them. But the power outage in our financial capital, Mumbai, in 2020, which was allegedly the result of a cyber-attack on the city’s power infrastructure, garnered wide public attention and brought the issue of India’s cyber security to the forefront. The weaponization of the internet by India’s adversaries, both state and non-state, has forced India to stand on tenterhooks. Before examining the threats that India faces from growing cyber warfare, let us first understand the basics of cyber warfare.
What is Cyber Warfare?
According to the standard definition, Cyber Warfare is “a set of actions by a nation or organization to attack countries or institutions’ computer network systems with the intention of disrupting, damaging, or destroying infrastructure by computer viruses or denial-of-service attacks.”
Cyber warfare involves different techniques, but the primary aim is to destroy or destabilise the target nations or the individuals of the target nations. It involves:
- Attacks on financial infrastructure like banking
- Attacks on electricity distribution and dams
- Attacks on airports, traffic signals, railways
- Attacks on military installations
- Attacks on nuclear installations
Cyber warfare can be carried out in several ways, a few of which are:
- Espionage: It involves spying on enemy activities by using a botnet or spear-phishing attacks on the enemy devices and gaining access to their systems. The attackers can keep track of traffic flowing through compromised devices.
- Sabotage: It refers to deliberately destroying the target devices or blocking their operators’ access to them. This is one of the most common modes of attack.
- Denial of service attack: It refers to illegally gaining access to any website or digital infrastructure and denying the legitimate owner their due access to the target.
- Data theft: Cybercriminals break into the target devices of individuals, companies, or government agencies and steal vital personal data and confidential strategic data. This may leak crucial military data to foreign nations. The hacking of Aadhaar card details and SBI bank belongs to this category.
- Attacking the infrastructure: Hacking and getting access to systems that govern infrastructure like power grids, nuclear plants, railways, etc. USA’s attack on Iranian nuclear facilities using STUXNET and attack by unconfirmed sources on Mumbai’s power grid in 2020 are a few examples. This would have a destabilising effect on any nation.
- Ransom attacks: It is an extension of a denial-of-service attack where the systems are made inaccessible to the legitimate users and huge sums are then demanded to return access. The Ryuk ransomware held many institutions in the USA hostage in 2019 for a huge ransom.
- Man-in-the-middle attack: Here, an offender places himself in a transaction between a user and an application to impersonate one of the parties, disguising the entire transaction as being legitimate. The end purpose is to steal personal information, such as login credentials, account details, and credit card numbers.
- Stuxnet: The malware that American and Israeli agencies jointly produced and introduced into Iranian nuclear facilities in 2010. This is one of the most high-profile cases, and it resulted in the malfunctioning of the Iranian nuclear mission.
- The cyber-attacks on Ukraine: Russia destroyed the digital infrastructure of Ukraine before invading and capturing Crimea in 2014.
- WannaCry: A worldwide ransomware attack that hacked more than 2 lakh Microsoft-based computers in a span of just three days and caused billions in losses.
- Domino’s incident: In 2021, hackers breached the personal details of customers, such as names, addresses, and mobile numbers.
- Kudankulam incident: Hacking of India’s nuclear facility at Kudankulam in 2019.
- Hacking of PMO and Ministry of External Affairs’ devices: The Chinese gained access to these devices in 2010, jeopardizing national security.
- COVID-19 Results Database incident: The hackers made a database of Indian COVID-infected persons, compromising their personal privacy.
Motive Behind Cyber-Attacks
Military gains: In modern warfare, cyber warfare has been employed in an unprecedented role. The relative ease with which Russia captured Crimea was enabled by the pre-emptive demolition of Ukraine’s cyber networks. Modern militaries often employ cyber offensive mechanisms for various purposes, such as spying on enemies, gaining access to strategic data, destabilising enemy networks into which their weapons are integrated, and crashing enemy electronic installations.
Civilian motives: Civilian motives include stealing the public data, databases of the companies, economic gains, financial theft, ransom, revenge, etc.
Hacktivism: It refers to promoting ideological activism through cyber platforms. It involves hacking and gaining access to target devices and flooding them with content of the hacker’s choosing.
Political reasons: To threaten adversary nations into submission. For example, it is widely believed that Chinese cyber-attacks on Australia slowed down Australia’s engagement with the Quad. It is also used by extremists and anti-social elements to force governments to yield to their demands.
Exacting Revenge: This is carried out by both individuals and organisations, which are usually directed at sending a stern message to the authorities for something they have done against the interests of the involved hackers.
Recognition & Achievement: Some perpetrators are motivated by the false sense of achievement that follows after breaching a major system. They usually crave popularity and recognition.
Why is India so Vulnerable?
Is India so vulnerable to cyber-attacks? Well, stats do not lie. According to Norton, on average, there were nearly 2 lakh cyber-attacks on India in the first quarter of 2022 alone. CERT-In has reported that a total of 14,02,809 cyber security breaches were reported in 2021. Asia was the most-attacked region in the world, and India stands 2nd in Asia. An IBM report states that cyber-attacks on India account for 7% of total global attacks.
But why is India so vulnerable to cyber-attacks? What are the gaps and shortfalls in our cyber security? Let’s see.
- Poor quality devices: In the USA, Apple devices account for 44% of the total phones, whereas in India, it’s less than 1%. The majority of Indians still cannot afford sophisticated devices that would offer robust cyber security.
- Covert attacks: Unlike traditional warfare, cyber-attacks can be inflicted from faraway places that are outside of our jurisdictions. It is a herculean task to locate the genesis of the cyber-attack. When we don’t know the direction of an enemy attack, it is naturally difficult to erect bastions. Even to the government authorities, the intricacies of cyber warfare look Greek and Latin. Our authorities aren’t trained in this regard.
- Dismal digital literacy: A large chunk of the Indian population is unaware of the technicalities of the cyber world. As a result, they would often end up falling prey to hackings and data breaches. According to the latest government data, only 38% of households in India are digitally literate. No wonder India stands so precariously threatened.
- Absence of a robust national cyber security framework: Most of the Indian cyber security mechanism is designed for defensive purposes and not offensive purposes. Moreover, India’s cyber security is scattered over different ministries and departments, which hampers coordination and collective defence. Also, there is no agency that coordinates and consolidates the efforts of various cyber security agencies spread across different ministries.
- Increasing digital footprint: With rising incomes, a large section of the population is increasingly using digital devices like mobile phones, computers, tablets, etc. As of 2021, we have 1.18 billion mobile connections, 70 crore Internet users, and 60 crore smartphones operating in India. As user traffic has increased, more prey has become available for the hackers to pounce upon, as most of the traffic is unsecured or inadequately secured.
- Downplaying the threat: Maybe the authorities haven’t been adequately apprised of the impending threat or they may have downplayed the threat. The dismally low budgetary allocations prove one of them right. The latest budgetary allocation was just 515 crores, which is even less than the previous budget. The actual government spending on cybersecurity has traditionally remained below budgeted estimates. In 2020-21, the government spent only 53% of the budgeted amount.
- Inadequate enforcement agencies: The number of cyber-crime police stations in India has been awfully low. Even these limited stations are grossly understaffed. A huge swathe of the population of India is oblivious of where to lodge a complaint in times of cyber contingencies. Even the enforcement agencies have been shy of taking requisite strides in reaching out to people.
- Two adverse neighbours: Unfortunately, India is surrounded by adversaries, which inflates our threat from cyber channels. More importantly, one of our adversaries, i.e., China, has been a champion of cyber warfare. Also, the epicentre of cyber-attacks directed at India has not been confined to these two nations. Further compounding the woes, a growing number of such attacks are emanating from Russia, North Korea and other countries as well.
Why Should India be Worried: Our Stakes
The World Economic Forum’s Global Risk Report-2021 stated that cyber security is one of the most serious challenges to humankind in the coming decade. Now that we have understood the threat profile of India and our vulnerabilities, why should we be worried? What are our stakes that could be jeopardized by the looming cyber threat? Let’s see.
- Terrorist attacks: India is one of the hot targets of terrorists and stands precariously placed in the face of the growing cyber-attacking ability of terrorist organizations. Terrorists may use it to sabotage India’s vital infrastructure like power grids, banking platforms, railway networks, etc. With increased funding, sophisticated terror outfits are increasingly employing these modern warfare techniques. It is widely believed that Al-Qaida made use of cyber sabotage in 2001 to attack the twin towers of the USA. Also, terror outfits may use this to further their propaganda and gain public support and recognition.
- A blow to Digital India aspirations: Ever since demonetisation, the Government has been aggressively pushing for digital payments. As a result, the volume of digital payments in India has amounted to 7,422 crore rupees for the financial year 2021-22. There is a 33% increase in the total digital transactions in the country compared to the previous year. At a time when digital payments are picking up pace in India, cyber theft may turn the clock back and may dissuade the public from using digital gateways for transactions. Already, the SBI database has been breached in the recent past by hackers stationed in China. Even Axis Bank fell prey to these attacks.
- May cripple infrastructure: Cyber-attacks directed at infrastructure would cripple the economy in a big way. The recent attacks on the power grid of Mumbai in 2020 and attacks on OIL company underscore the gravity of the impending crisis. There was a 70% rise in attacks on India’s critical infrastructure in the first quarter of 2021, as per the report of the reputed cyber security company ‘Trellix’. Destabilizing the networks associated with metros, railways, airways, banking systems, production facilities, and power systems would bring the economy to a grinding halt.
- Threat to nuclear capacities: The attack on the Kudankulam nuclear facility in 2018 has opened up wide the debate on India’s vulnerability. The world has already witnessed the kind of destruction that a small malware, ‘Stuxnet’, inflicted on Iranian nuclear facilities in 2010, from which they haven’t recuperated yet. India, as of today, operates 22 nuclear reactors and has set an ambition of generating 22.5 GW of nuclear energy by 2031. So, India needs to be proactive and vigilant in guarding its nuclear facilities, lest it face the unimaginable aftermath.
- Data privacy: With the increased digital footprint in India, more and more data is being generated every single hour in India. The hacking of this data may leak personal, public, strategic, and military data into the hands of adversaries. Hacking of health records, bank details, cyber credentials, professional communications, etc., would jeopardize the individual’s privacy.
- Military: Much of India’s military equipment, such as radars, communication networks, control units, etc., is integrated with cyber platforms. Any access to these platforms by the adversaries would sabotage our military capabilities.
In the face of growing threats from various quarters and increasing uncertainty about the mode of attacks, the government has taken many measures. We shall see a few of them.
Laws and policies:
- Information Technology Act, 2000
- Information Technology Amendment Act 2008
- National Cyber Security Policy-2013
  - Create a workforce of around five lakh people trained in cyber security.
  - Set up a think tank for policy inputs, discussion and deliberations.
  - Provide financial incentives to businesses to adopt best security practices.
  - Enhance the national and global synergy among the agencies involved.
- National Cyber Security Strategy 2020
- Personal Data Protection Bill.
- National Cyber Coordination Centre (NCCC): It is instituted under the Indian Computer Emergency Response Team (CERT-In), Union Ministry of Electronics and Information Technology. Its mandate is to scan internet traffic coming into and going out of the country and provide real-time alerts to the agencies about unusual or suspicious data flow. It forms India’s first layer of cyber monitoring.
- Cyber and Information Security (CIS): It is a recently created institute under the Ministry of Home, to deal with cyber-crimes such as cyber threats, child pornography and online stalking. Under this initiative, “The Indian cybercrime coordination centre (I4C)” and “Cyber Warrior Police” force have also been established for the first time.
- Defence Cyber Agency: Indian defence has established a separate cyber defence agency to shield the military installations from cyber-attacks.
- National Critical Information Infrastructure Protection Centre (NCIIPC): Its mandate is to shield our critical infrastructure like transportation, nuclear facilities, space, etc. It has been set up under the National Technical Research Organisation, headed by the National Security Adviser.
- Indian Computer Emergency Response Team (CERT-In): It is a dedicated agency within the Ministry of Electronics and Information Technology. Its mandate is to:
  - Collect and disseminate information on cyber-attacks to the relevant agencies.
  - Forecast possible threats and alert the authorities to them.
  - Respond to cyber-attacks.
  - Issue guidelines and advisories to various agencies.
- National Informatics Centre (NIC): It is an attached office under the Ministry of Electronics and Information Technology to provide IT based services to the government ministries and departments. It has launched NIC-CERT to forecast and forewarn government offices about the impending threats.
- Cyber Surakshit Bharat Initiative: It aims to strengthen the cyber security ecosystem in India. It is the first public-private partnership of its kind and will leverage the expertise of the IT industry in cybersecurity.
- Security – Cyber Swachhta Kendra: The aim of Cyber Swachhta Kendra is to promote awareness among Indian citizens to secure their data in computers, mobile phones, and other electronic devices.
- Training and creating awareness among more than a lakh persons under the Information Security Education and Awareness Project (ISEA).
Despite the litany of government interventions, India’s cyber landscape still looks very precarious. All the above measures have fallen short of building a robust defence against incoming cyber threats. After the Galwan face-off, there was a rise of 200% in cyber-attacks emanating from China. Recently, it was also reported that China was spying on Indian infrastructure, such as the power grid in Ladakh. Also, China snooped on India’s vaccine-producing companies during the pandemic. Surprisingly, Russia, too, has followed suit. A recent report by Cyfirma, a cyber threat intelligence firm, revealed that Indian pharma companies and hospitals have been repeatedly targeted by Russian, Chinese, and Korean hacker groups. Needless to say, there is also the impending threat looming from our western neighbours. So, the threats are not going to subside but are only going to proliferate exponentially as 21st-century warfare techniques evolve. So, the question is, what should India do?
- Promoting cyber hygiene: Government, in collaboration with NGOs, should embark on sensitizing people on cyber hygiene from an early age to inculcate cyber discipline. A digitally literate population would be vigilant about the suspicious activities and would thereby prevent themselves from falling prey to a lot of cyber-attacks.
- Securing the 5G deployment: As we have begun 5G trials in India, this emerging technology will offer more potential entry channels for hackers owing to the relatively less centralized pattern of its architecture.
- Synergy between various agencies: It is imperative to attain coordination between the government, private sector, and civil society at the national and federal levels. It would result in effective consolidation of efforts.
- Transparency: The government shouldn’t refrain from making cyber-attacks public. Rather, it should proactively put them out in the public domain and invite meaningful public discussions on future cyber policies.
- International coordination: India should actively push for global synergy in this regard and bring all the stakeholders onto a single platform to fight the menace collectively.
- Raising a cyber-offensive force: India so far has been only fire-fighting the attacks. Rather, India should raise a force of its own to take the offence to the adversaries and push them onto the back foot.
The ongoing war in Ukraine should be an eye-opener for the policymakers to waste no time and leave no stone unturned to ramp up India’s cyber defence mechanisms. Cyber warfare is the future, and India should take note of that. Given the gravity of the imminent crisis, it is important to design policies that offer both short-term and long-term solutions and make enough provisions for accommodating the evolving and changing nature of threats. And rather than leaving it to the government, individuals should do their part by being more responsible, knowledgeable, and vigilant while they use the internet.