GS3 PYQ 2021 (Mains Answer Writing): Cross- Border Cyber Attacks | UPSC Mains: Internal Security & Disaster Management PDF Download

Keeping in view India’s internal security, analyse the impact of cross-border cyber attacks. Also discuss defensive measures against these sophisticated attacks.  (UPSC MAINS GS3 2021)

Chinese Group named as “Red Echo”  was possibly behind a malware attack “Shadow pad”  that aimed to attack on the India’s critical information infrastructure such as Ports, power systems etc. ICT has seen a lot of dependence in the recent times. Sectors such as Banking & Finance, Transportation, Nuclear power facilities, Space sector, Power transmission etc. are dependent on ICT contributing to the rapid advancements in the field of ICT and economic growth to make our lives much more easier.  Cyber space has become highly vulnerable to cyber attacks and Crimes. Unlike the geographical boundaries such ( Land, water), Cyberspace is without geographical limitation. It is completely borderless and hence protection of Cyberspace becomes even more challenging.
The impact of the Cyber Attacks

• Financial loss: According to the Data Security Council of India, India has been the second most cyber attacks affected country where Cyber crimes in India have caused Rs 1.25 lakh crore loss in 2019.
• Affects the Confidentiality, Integrity and Availability of information. 
• Cyber attacks on these critical information infrastructure can bring the entire country to a grinding halt. 
• Effect the National Security and peace and stability of a country.
• As in case of the Individuals personal information and privacy faces the most dangerous situation. 
• Companies possessing crucial data and information on their systems in times of an cyber attack may lead to loss of competitive information, loss of employees/customers private data resulting into complete loss of public trust on the integrity of the organization.
• A local, state or central government maintains huge amount of confidential data related to country (geographical, military strategic assets etc.) and citizens. Unauthorized access to the data can lead to serious threats on a country.
• There are certain inherent vulnerabilities that cannot be removed.
• The effect of the attack too can outpace the defence technology, security of the country.

Defensive measures against the sophisticated attacks

• The International Telecommunication Union (ITU) released Global Cyber Security Index in 2017 where India was placed at 23rd rank among 165 countries. The relatively higher ranking of India shows that India has taken adequate measures for the protection of cyber space.
• Section 66F of ITA:
• National Cyber Security Policy 2013 Established National Critical Information Infrastructure Protection Centre (NCIIPC) to improve the protection and resilience of the country’s critical infrastructure.
• CERT-IN: has an objective of securing Indian cyberspace. The purpose of CERT-In is to respond to computer security incidents, report on vulnerabilities and promote effective IT security practices throughout the country. 
• Cyber Surakshit Bharat Initiative: spreads awareness about cybercrime and building capacity for safety measures for Chief Information Security Officers (CISOs) and frontline IT staff across all government departments.
• The National Cyber Coordination Centre (NCCC): It seeks to generate necessary situational awareness of existing and potential cyber security threats and enable timely information sharing for proactive, preventive and protective actions by individual entities.
• The Information Security Education and Awareness Project (ISEA) where there is Training of personnel to raise awareness and to provide research, education and training in the field of Information Security.

The  Budapest Convention is the first international treaty seeking to address Internet and computer crime by harmonizing national laws, improving investigative techniques, and increasing cooperation among nations. India has not joined this convention. This is because the convention allows for cross border access to data to carry out investigation and India believes that such cross border access to data can infringe on National Sovereignty.
Therefore the government is putting excessive attention to Provide tax incentives to companies to upgrade information infrastructure and go for more and more Investment in R&D to improve Cyber Security- Big data, AI.

Topics Covered - Cyber Security