Open In App

Cyber Security in India: Challenges and Measures

Improve
Improve
Like Article
Like
Save
Share
Report

Over the past five years, the number of cybercrime cases has steadily increased. Cybercrime is on the rise in India with the increasing use of Information and Communication Technology (ICT). But despite this alarming trend, law enforcement’s ability to investigate cybercrime remains limited. This is an important issue for exams like UPSC, State PSC, SSC, etc and aspirants need to read it in detail.

Why there is a need for Cybersecurity?

  • Cyber ​​attacks on the rise: According to the National Crime Records Bureau (NCRB), in 2016 he had 12,317 cybercrime cases, and in 2020 he had 50,035 recorded. A quarter of Indian companies have been hit by ransomware attacks in 2021. This is above the global average of 21%.
     
  • Increased digital usage after Covid: Critical infrastructures such as financial services, banking, energy, manufacturing, and nuclear power plants are rapidly going digital.
     
  • Cyber terrorism: It is a deliberate, politically motivated attack on information, computer systems, computer programs, and data that results in violence.
     
  • To protect critical sectors: This is especially important given the increasing interconnectivity between sectors and the proliferation of entry points to the internet. This could increase further with the deployment of 5G. According to information reported and tracked by the Computer Emergency Response Team of India (CERT-In), 6.97 million cybersecurity incidents were reported in the first eight months of 2020. This is roughly the sum of the last four years.
    Local, state or central governments manage vast amounts of sensitive data relating to countries (geographic, military-strategic assets, etc.) and their citizens.
     
  • For Individuals: Photos, videos, and other personal information that a person shares on her social networking sites could be used inappropriately by others, leading to serious and even life-threatening incidents.
     
  • For Businesses: Enterprise systems contain large amounts of data and information. Cyberattacks can lead to the loss of competitive information (such as patents and original works), the loss of employee/customer personal data, and the complete loss of public confidence in the integrity of the organization. 

Major Challenges in Cyber Security:

  • No procedural rules: There are no separate rules of procedure for investigating cybercrime or computer crime.
    Electronic evidence is very different from traditional criminal evidence, so it is essential to establish standardized and consistent procedures for handling electronic evidence. 
     
  • Shortage of technical staff: There are minimal efforts by states to recruit technical personnel to investigate cybercrime.
    A regular police officer with a background in humanities and business administration may not understand the nuances of how computers and the Internet work.
    Additionally, the Information Technology (IT) Act of 2000 maintains that offences registered under the Act should be investigated by police officers, not below the rank of inspector.  In practice, the number of police inspectors in the district is limited and most field investigations are conducted by deputy inspectors.
     
  • Lack of Infrastructure – Cyber labs: State cyber forensics labs need to be upgraded as new technologies emerge. Cryptocurrency-related crime continues to be underreported due to the limited ability to solve such crimes. Most government cyber labs are well equipped to analyze hard drives and mobile phones, but many still employ “electronic evidence examiners” so they can provide an expert opinion on electronic records. Not specified. 
     
  • Need for localization: Most cybercrime is transnational and extraterritorial. Collecting evidence from foreign territories is not only a difficult but time-consuming process. Other than the immediate suspension of objectionable websites and accounts of suspects in most social media crimes, other details are not readily available from big tech companies. 
    Therefore, “data localization” should be included in the proposed Personal Data Protection Act to ensure law enforcement agencies have timely access to suspected data of Indian citizens. 

Important steps were taken by the Government:

  • Information Act 2000: The Information Act, of 2000 is the primary law to combat cybercrime and digital commerce in India.
     
  • National Cyber ​​Security Policy, 2013: This policy provides a vision and strategic direction for protecting the nation’s cyberspace.
     
  • CERT-In (Cyber ​​Emergency Response Team – India): CERT-In has been operational since 2004. It is a national focal point for immediate response to computer security incidents as they occur.
     
  • India’s Cyber ​​Crime Coordination Center (I4C): A comprehensive and coordinated response to all types of cybercrime. Cyber ​​Swachhta Kendra: Launched in early 2017, Cyber ​​Swachhta Kendra provides users with a platform to analyze and clean their systems from various viruses, bots/malware, Trojans, etc. 
     
  • Cyber ​​Suraksit Bharat: The Ministry of Electronics and Information Technology launched the Cyber ​​Surakshit Bharat initiative to raise awareness of cybercrime and build the security response capabilities of the Chief Information Security Officer (CISO) of all government departments and his IT staff on the front lines.
     
  • Cyber ​​Warrior Police: In 2018, the government announced plans to implement his CWPF. It is proposed to be brought under the guidelines of the Central Armed Police Force (CAPF).
     
  • Cybercrime prevention programs for women and children: The program, run by the Ministry of Home Affairs, aims to prevent and reduce cybercrime against women and children.

Way ahead:

  • Build skills: There is an urgent need to build skills and capabilities for application, device, and infrastructure testing.
     
  • Maintain staff: There is an urgent need to pay attention to human resource development to increase the number of professionals who can effectively manage cybersecurity in the country. 
     
  • Research and Development: We need to invest in research and development to create more innovative technologies to combat the growing cybersecurity threat.
     
  • Politics and Governance: It is important to formulate sound policies and implement them effectively. Additionally, roles and responsibilities should be clearly defined to ensure smooth functioning and better coordination between departments and stakeholders. 
     
  • Awareness: Regular awareness campaigns by governments and large private sector organizations should be conducted to make people aware of Cybersecurity threats.
     
  • Strengthening private partnerships: Strengthening public-private partnerships in cybersecurity is critical.
     

Last Updated : 04 Nov, 2022
Like Article
Save Article
Previous
Next
Share your thoughts in the comments
Similar Reads