The Hindu Editorial Analysis - 10th May 2024 | Current Affairs & Hindu Analysis: Daily, Weekly & Monthly - UPSC PDF Download

AI-infused world needs matching cybersecurity 

Why in News?

Last year, an incident of a frantic mother who had received an ominous call from “kidnappers” who had ‘kidnapped’ her daughter, raised an alarm in the U.S. Senate about the detrimental impact of artificial intelligence. The news took the nation by a storm as the said “kidnappers” and the daughter’s voice were nothing but hackers utilising generative AI to extort money. With such instances on the rise, the human perception of what is real and what is merely generative AI is slowly eroding.

What is AI?

• Definition of AI: AI refers to the capacity of computers or computer-controlled robots to perform tasks typically requiring human intelligence.
• Capabilities: While AI cannot replicate the breadth of human abilities, certain AI systems can equal humans in specific tasks.
• Characteristics of AI: The primary characteristic of AI is its capacity to reason and make decisions aimed at achieving particular objectives effectively.
• Subset: Machine Learning (ML): ML is a subset of AI that enables automatic learning from vast amounts of unstructured data, including text, images, and videos.
• Deep Learning (DL): DL techniques facilitate this automatic learning process by processing extensive amounts of unstructured data.

What are the Differences Between AI, ML and DL?

• The term AI, coined in the 1950s, refers to the simulation of human intelligence by machines. AI, ML and DL are common terms and are sometimes used interchangeably. But there are distinctions.
  • ML is a subset of AI that involves the development of algorithms that allow computers to learn from data without being explicitly programmed.
    • ML algorithms can analyze data, identify patterns, and make predictions based on the patterns they find.
  • DL is a subset of ML that uses artificial neural networks to learn from data in a way that is similar to how the human brain learns.

What are the Different Categories of AI?

Weak AI/Narrow AI:

• Definition: This type of AI is restricted to a specific domain and simulates human cognition within that domain.
• Benefits to Society: Weak AI can streamline tasks that are time-consuming for humans and can analyze data in ways beyond human capacity.
• Examples: Video games such as chess and personal assistants like Amazon's Alexa and Apple's Siri.

Strong AI:

• Definition: Strong AI systems are capable of human-like tasks and are more intricate and complex.
• Functionality: They are programmed to handle situations autonomously, without human intervention, and can engage in problem-solving tasks.
• Examples: Applications like self-driving cars utilize strong AI capabilities.

What are the Different Types of AI?

Reactive AI:

• Definition: Reactive AI utilizes algorithms to optimize outputs based on given inputs, such as in chess-playing AI.
• Characteristics: It operates based on predefined strategies and is static, producing consistent outputs with identical inputs.
• Example: Chess-playing AI optimizes strategies to win games but cannot adapt to new situations.

Limited Memory AI:

• Definition: This AI type can adapt to past experiences or update based on new data but with limitations on updating and memory length.
• Characteristics: It can learn from past experiences and adapt to novel situations within its memory constraints.
• Example: Autonomous vehicles can read the road and learn from past experiences to navigate effectively.

Theory-of-Mind AI:

• Definition: These AI systems are highly adaptive and possess extensive learning capabilities, retaining past experiences.
• Characteristics: Advanced chatbots are an example, capable of passing the Turing Test by convincingly imitating human behavior.
• Example: Chatbots that simulate human-like conversations to the extent of fooling people into believing they're interacting with a human.

Self-aware AI:

• Definition: This AI type achieves sentience and awareness of its own existence, though currently confined to science fiction.
• Characteristics: Speculative experts debate whether AI can ever attain consciousness or life.
• Example: Instances in science fiction depict AI reaching a level of self-awareness akin to human consciousness, though this remains theoretical.

What is the Difference Between Augmented Intelligence and AI?

• Artificial Intelligence (AI): AI focuses on developing machines capable of autonomous task performance, minimizing or eliminating the need for human intervention.
• Augmented Intelligence: Augmented Intelligence aims to enhance human intelligence using technology rather than replacing it.

Goal Difference:

• AI Goal: The goal of AI is to create machines capable of tasks requiring human intelligence, such as decision-making and problem-solving, often without human involvement.
• Augmented Intelligence Goal: Augmented Intelligence seeks to improve human capabilities by providing tools and technologies that aid in making better decisions and solving problems more efficiently, working in tandem with humans.

What are the Applications of AI in Different Sectors?

Healthcare:

• Objectives: Enhance diagnosis accuracy, personalize treatment, improve patient outcomes, streamline operations, and accelerate medical research.
• Recent Development: The Indian Council of Medical Research (ICMR) released ethical guidelines for AI application in healthcare, emphasizing patient-centric principles.

Business:

• Functions: Optimizing operations, improving decision-making, automating tasks, enhancing customer service, enabling personalized marketing, analyzing big data, detecting fraud, managing supply chains, and fostering innovation.
• Example Collaboration: IIT Kharagpur partnered with Amazon Web Services to develop the National AI Resource Platform (NAIRP), which holds potential for personalized teaching and learning methods.

Education:

• Opportunities: AI enables innovative and personalized learning approaches catering to diverse abilities.
• Example Application: Initiatives like the National AI Resource Platform (NAIRP) aim to monitor student engagement through eye movement and motion analysis.

Judiciary:

• Applications: Improving legal research, automating documentation, enhancing court processes, facilitating online dispute resolution, aiding legal decision-making, and increasing access to justice through virtual legal assistance.
• Notable Systems: SUVAS assists in translating judgments into regional languages, while SUPACE was launched by the Supreme Court of India to improve court efficiency.

Cybersecurity/Security:

• Uses: Detecting and preventing cyber threats, identifying anomalies, analyzing data for vulnerabilities, strengthening security measures, automating threat response, and providing real-time intelligence.
• Importance: AI plays a crucial role in enhancing security measures and defending against cyber attacks.

What are the Advantages of AI?

• Enhanced Accuracy: AI algorithms can analyze vast amounts of data with precision, reducing errors and improving accuracy in various applications, such as diagnostics, predictions, and decision-making.
• Improved Decision-Making: AI provides data-driven insights and analysis, assisting in informed decision-making by identifying patterns, trends, and potential risks that may not be easily identifiable to humans.
• Innovation and Discovery: AI fosters innovation by enabling new discoveries, uncovering hidden insights, and pushing the boundaries of what is possible in various fields, including healthcare, science, and technology.
• Increased Productivity: AI tools and systems can augment human capabilities, leading to increased productivity and output across various industries and sectors.
• Continuous Learning and Adaptability: AI systems can learn from new data and experiences, continually improving performance, adapting to changes, and staying up-to-date with evolving trends and patterns.
• Exploration and Space Research: AI plays a crucial role in space exploration, enabling autonomous spacecraft, robotic exploration, and data analysis in remote and hazardous environments.

What are the Disadvantages of AI?

• Job Displacement: AI automation may lead to the displacement of certain jobs as machines and algorithms can perform tasks that were previously done by humans. This can result in unemployment and require re-skilling or retraining of the workforce.
• Ethical Concerns: AI raises ethical concerns such as the potential for bias in algorithms, invasion of privacy, and the ethical implications of autonomous decision-making systems.
• Reliance on Data Availability and Quality: AI systems heavily rely on data availability and quality. Biased or incomplete data can lead to inaccurate results or reinforce existing biases in decision-making.
• Security Risks: AI systems can be vulnerable to cyber attacks and exploitation. Malicious actors can manipulate AI algorithms or use AI-powered tools for nefarious purposes, posing security risks.
• Overreliance: Blindly relying on AI without proper human oversight or critical evaluation can lead to errors or incorrect decisions, particularly if the AI system encounters unfamiliar or unexpected situations.
• Lack of Transparency: Some AI models, such as deep learning neural networks, can be difficult to interpret, making it challenging to understand the reasoning behind their decisions or predictions (referred to as the "black box" problem).
• Initial Investment and Maintenance Costs: Implementing AI systems often requires significant upfront investment in infrastructure, data collection, and model development. Additionally, maintaining and updating AI systems can be costly.

How Vulnerable is India to Cyber Attacks?

Internet Usage in India:

• In 2022, over 52% of India's population, approximately 759 million people, accessed the internet at least once a month.
• India ranks as the second-largest online market globally, trailing only China.

Growth Projection:

• By 2025, internet usage in India is expected to increase to 900 million individuals, indicating substantial growth in online activity.

Digital Economy Expansion:

• Various sectors including healthcare, education, finance, retail, and agriculture are increasingly relying on online platforms and services, contributing to India's rapidly expanding digital economy.

Cybersecurity Challenges:

• Despite the growth in digitalization, India faces cybersecurity challenges due to outdated or inadequate infrastructure, policies, and awareness.
• These deficiencies make it easier for hackers, including state-sponsored and non-state actors, to exploit vulnerabilities in the system.

Threat Landscape:

• India encounters sophisticated and persistent cyber threats targeting its strategic, economic, and national interests.
• Hackers exploit gaps and weaknesses in India's cybersecurity infrastructure, posing significant risks to the nation's digital security.

What are the Challenges Posed by Cyber Attacks on India?

Critical Infrastructure Vulnerability:

• India's critical infrastructure, including power grids, transportation systems, and communication networks, is susceptible to cyber attacks that could disrupt essential services and jeopardize public safety and national security.
• Example: In October 2019, there was an attempted cyber-attack on the Kudankulam Nuclear power plant, highlighting the potential risks to critical infrastructure.

Financial Sector Threats:

• The financial sector in India faces a significant risk of cyberattacks from cybercriminals aiming to profit from stealing or extorting money.
• Example: In March 2020, a malware attack on the City Union Bank's SWIFT system resulted in unauthorized transactions totaling USD 2 million, underscoring the financial sector's vulnerability.

Data Breaches and Privacy Concerns:

• The move towards a digital economy in India increases the risk of data breaches, where hackers access and leak sensitive information, posing serious privacy and security concerns.
• Example: In May 2021, personally identifiable information (PII) and test results of 190,000 CAT exam candidates were leaked, raising alarms about data security.

Cyber Espionage:

• India is a target for cyber espionage activities seeking to steal confidential information for strategic advantage, potentially affecting national security, foreign policy, and economic development.
• Example: In 2020, Operation SideCopy, attributed to a Pakistani threat actor, targeted Indian military and diplomatic personnel with malware and phishing emails, highlighting the risk of cyber espionage.

Advanced Persistent Threats (APTs):

• APTs, sophisticated and prolonged cyber attacks by well-resourced groups, pose a significant challenge by infiltrating networks to steal or manipulate data.
• Example: In February 2021, a China-linked APT group targeted entities in India's power sector with malware that could cause power outages, showcasing the severity of APT attacks.

Supply Chain Vulnerabilities:

• Weaknesses in software or hardware components used by government and businesses create supply chain vulnerabilities, which cyber attackers exploit to compromise systems and cause widespread damage.
• Example: In December 2020, a global cyberattack on SolarWinds affected several Indian organizations, including NIC, MeitY, and BHEL, highlighting the impact of supply chain vulnerabilities on India's cybersecurity.

What are the Initiatives Regarding Cyber Security?

What Should India Do Further to Save Itself from Cyber attacks?

• Strengthening Existing legal Framework: India’s primary legislation governing cyber crimes is the Information Technology (IT) Act of 2000, which has been amended several times to address new challenges and threats.
  • However, the IT Act still has some gaps and limitations, such as the lack of clear definitions, procedures, and penalties for various cyber offences, and the low conviction rate of cyber criminals.
  • India needs to enact comprehensive and updated laws that cover all aspects of cyber security, such as cyber terrorism, cyber warfare, cyber espionage, and cyber fraud.
• Enhancing Cyber Security Capabilities: India has several initiatives and policies to improve its cyber security, such as the National Cyber Security Policy, the Cyber Cells and Cybercrime Investigation Units, the Cyber Crime Reporting Platforms, and the Capacity Building and Training programs.
  • However, these efforts are still inadequate and fragmented, as India faces a shortage of technical staff, cyber forensics facilities, cyber security standards, and coordination among various stakeholders.
  • India needs to invest more in developing its human and technological resources, establishing cyber security centers of excellence, adopting best practices and standards, and fostering collaboration and information sharing among different agencies and sectors.
• Establish a Cyber Security Board: India must establish a cyber security board with government and private sector participants that has the authority to convene, following a significant cyber incident, to analyse what happened and make concrete recommendations for improving cybersecurity.
  • Adopt a zero-trust architecture, and mandate a standardised playbook for responding to cybersecurity vulnerabilities and incidents. Urgently execute a plan for defending and modernising state networks and updating its incident response policy.
• Expanding International Cooperation: India is not alone in facing the challenges of cyber security, as cyber attacks transcend national boundaries and affect the global community.
  • India needs to engage more with other countries and international organisations, such as the United Nations, the International Telecommunication Union, the Interpol, and the Global Forum on Cyber Expertise, to exchange best practices, share threat intelligence, harmonise cyber laws and norms, and cooperate in cyber investigations and prosecutions.
  • India also needs to participate more actively in regional and bilateral dialogues and initiatives, such as the ASEAN Regional Forum, the BRICS, and bilateral forums it has like Indo-US Cyber Security Forum, to build trust and confidence, and to address common cyber security issues and interests.