China's cyber attack on India | UPSC Mains: Internal Security & Disaster Management PDF Download

China's cyber attack on India - Daily Current Affair Article

References

In a continuous series of international surveillance and hacking attempts, a Chinese state-backed hacker firm targeting cyber-attacks targeting Indian vaccine manufacturers has been reported.

Introduction

• For the past several years, China is constantly carrying out cyber attacks on India amidst tension on the India and China border. Recently there has been news of a cyber attack on India's vaccine IT system by a Chinese state-backed firm.
• In the past, there have been several cyber attacks on software from various regions of India by China-backed firms. Somewhere this step of China is a call for a kind of cyber war.

What is Cyber Security -

• Cyber security refers to preventing unauthorized access to your Internet and network-based digital devices and protecting information.

Cyber war

• Cyber war is a war fought through the Internet and computers. Many countries continuously conduct cyber warfare exercises to prepare them for any possible cyber attack.
• In this system, websites are stopped with the help of viruses by attacking any other country and attempts are being made to paralyze the government and the industry. Computer spying is also a form of a cyber attack.

Cyber attack on India by Chinese firm:-

• In September 2020, information was received that the Zhenhua Data Information Technology Co, backed by the Chinese government, was monitoring the digital footprint of more than 10,000 Indian individuals and organizations. It was a part of the company's global database of "foreign data goals", in which the company was building a "Global information library". In this, the company was collecting information about people related to web and social media platforms and tracking information such as research papers, articles, and patents. This company targeted not only industries but also prominent positions, judges, scientists and academics, journalists, actors, sportspersons, religious personalities, activists.
• Just a few months later, Massachusetts-based cyber security company Recorded Future published a report. According to this report, a Chinese group called Red Echo is using malware to target a large part of India's electricity sector. During this time, the Chinese firm also attempted to conduct a cyber attack on 4 Regional Load Dispatch Centers and 2 Ports of India. It was also speculated that the Red Echo cyber attack was possibly responsible for the October 12 blackout ((power supply shutdown) in Mumbai, but the Union Energy Minister has denied this possibility.
• A Chinese hacker group known as the Chinese state-backed firm Stone Panda has targeted the IT infrastructure and supply chain software of India's biotech and serum institute, according to a report by Goldman Sachs-backed cyber intelligence firm. This is a link in a series of cyber attacks on India of Chinese government-backed firms. With this, cyber attacks can be carried out on the data of India's Vaccination Program and Vaccine Friendship Program.

Possible reasons for cyber attacks

These cyber-attacks can cause the following

• The border dispute between India and China, which took place in the middle years, took serious form in 2020. This type of cyber attack may increase progressively as bilateral tension increases.
• Somewhere China is trying to change the geopolitical equilibrium with this effort and also wants to establish regional technical supremacy.

Efforts for Cyber security in India

Privacy and data security:-

• Privacy has been declared a fundamental right by the Honorable Supreme Court. Discussions are on in the Indian Parliament on the Data Security Bill which may soon take the form of law. Various provisions have been made for data security in this bill.

Information Technology Act:-

• The 'Information Technology Act, 2000' has been enacted in India. Sections 43, 43A, 66, 66B, 66C, 66D, 66E, 66F, 67, 67A, 67B, 70, 72, 72A and 74 of the Information Technology Act 2000 relate to hacking and cybercrimes. This act is also amended from time to time as per requirement.

National Cyber Security Policy:-

• The National Cyber Security Policy is a policy framework created by the Department of Electronics and Information Technology. Its purpose is to protect public and private infrastructure from cyber attacks.

Key points of cyber security policy

• The Ministry of Communications and Information Technology defines the objectives of the cybersecurity policy as follows
• To create a secure cyber environment in the country, to generate sufficient soundness and trust in the IT system, and to promote the digital economy.
• To create an assurance framework to promote and enable actions for compliance with security policies and global safety standards and best practices through conformance assessment (product, process, technology, and people).
• To strengthen the regulatory framework to ensure a secure cyberspace ecosystem.
• Create scenarios through effective forecasting, preventive protective response, and recovery actions for response resolution and crisis management to achieve strategic information for ICT infrastructure to enhance and build national and regional level 24 * 7 mechanisms
• Capacity building to create a workforce for 500000 professionals skilled over the next 5 years through skills and training.
• To provide financial benefits to businesses for adopting standard security practices and procedures.

CERT-IN:-

• The Indian Computer Emergency Response Team (CERT-IN) is the nodal agency for analyzing, estimating, and warning cybersecurity threats.

Cyber Suraksha Kendra

• Efforts are being made to make cyberspace crime-free by setting up 'Cyber Suraksha Kendra' under the Digital India campaign.

The conclusion

• India's worries have increased due to continuous cyberattacks by China. This is not only an attack on India's technical sovereignty but also an attempt to weaken India strategically. So far there has been no significant loss from the attacks which shows the cyber response capability of India.
• It is necessary that India supports the Budapest Convention to prevent such international cyber attacks. In the current technological age, it is in the interest of the whole world.