GS3 PYQs (Mains Answer Writing): Cybercrimes | UPSC Mains: Internal Security & Disaster Management PDF Download

Q1: Social media and encrypting messaging services pose a serious security challenge. What measures have been adopted at various levels to address the security implications of social media? Also suggest any other remedies to address the problem. (Answer in 250 words)
Ans: Introduction
Social media and encrypted messaging services have transformed communication in India, enabling connectivity and information sharing. However, they pose significant risks to national security, public safety, and social cohesion by facilitating misinformation, crime, and unrest.

Security Challenges of Social Media and Encrypted Messaging Services

• Misinformation: False information spreads rapidly, inciting unrest (e.g., manipulated content during the 2022 Russia-Ukraine War).
• Radicalization: Extremists use encrypted apps for recruitment (e.g., ISIS on Telegram).
• Cybercrime: Platforms enable scams and identity theft (e.g., 2023 deepfake scams using celebrity faces).
• Data Privacy: User data misuse raises concerns (e.g., 2018 Cambridge Analytica scandal).
• Digital Warfare: Platforms are exploited for disinformation and state agendas (e.g., 2020 U.S. election interference by Russia).

Measures to Address Social Media Security Challenges

• IT Act 2000: Regulates online content; Section 69A allows content blocking for security, and Section 79(1) provides intermediaries conditional immunity (e.g., 2020 ban on 59 Chinese apps).
• IT Rules 2021: Require content moderation and user privacy notifications (e.g., Twitter’s 2021 compliance issues).
• Grievance Officers: Platforms must appoint officers to address complaints (e.g., Meta’s appointment of Spoorthi Priya in 2022).
• Fact-Checking: Platforms must remove government-flagged false content (e.g., 2023 rule under Supreme Court scrutiny).

Conclusion
India can foster a secure digital environment through technological solutions, digital literacy, and stakeholder collaboration. Balancing national security with individual privacy is key to ensuring a safe and thriving digital ecosystem for all citizens.

Q2: Discuss different types of cybercrimes and measures required to be taken to fight the menace.
Ans: Cybercrime is any criminal activity that involves a computer, networked device or a network. While most cybercrimes are carried out in order to generate profit for the cybercriminals, some cybercrimes are carried out against computers or devices directly to damage or disable them, while others use computers or networks to spread malware, illegal information, images or other materials.
Types of Cybercrime 

• Hacking: Hacking is simply any unauthorized access of a computer system. Sometimes, hacking can be fairly harmless, such as rewriting sections of an existing software program to allow access to features the original designer did not intend. 
• Viruses, Worms, Malware and Ransom ware: Many types of malicious software can be delivered by a wide range of means. In the case of most viruses, they need to actually be downloaded in some way onto a hard drive. In targeted attacks, a victim may receive an innocent-looking email that is ostensibly from a co-worker or trusted individual containing a link to click on or file to download. 
• Cyber extortion: A crime involving an attack or threat of an attack coupled with a demand for money to stop the attack. 
• Crypto jacking: An attack that uses scripts to mine crypto currencies within browsers without the user’s consent. Crypto jacking attacks may involve loading crypto currency mining software to the victim’s system. 
• Cyber espionage: A crime involving a cybercriminal who hacks into systems or networks to gain access to confidential information held by a government or other organization. Attacks may be motivated by profit or by ideology. 
• Exit scam: The dark web, not surprisingly, has given rise to the digital version of an old crime known as the exit scam. In today’s form, dark web administrators divert virtual currency held in marketplace escrow accounts to their own accounts — essentially, criminals stealing from other criminals. 

Ways to prevent cyber-crimes 

• By Using Strong Passwords: Maintaining different password and username combinations for each of the accounts and withstand the desire to write them down. Weak passwords can be easily broken. 
• Keep social media private: Be sure that your social networking profiles (Facebook, Twitter, YouTube, etc.) are set to be private. Once be sure to check your security settings. Be careful with the information that you post online. Once if you put something on the Internet and it is there forever. 
• Protect your storage data: Protect your data by using encryption for your important diplomatic files such as related to financial and taxes. 
• Protecting your identity online: We have to be very alert when we are providing personal information online. You must be cautious when giving out personal ids such as your name, address, phone number, and financial information on the Internet. 
• Keep changing passwords frequently: When it comes to password, don’t stick to one password. You can change your password frequently so that it may be difficult for the hackers to access the password and the stored data. 
• Securing your Phones: Many people do not know that their mobile devices are also unsafe for malicious software, such as computer viruses and hackers. Make sure that you download applications only from trusted sources. Don’t download the software /applications from unknown sources. It is also pivotal that you should keep your operating system up-to-date. 
• Call the right person for help: Try not to be nervous if you are a victim. If you come across illegal online content such as child exploitation or if you think it’s a cyber-crime or identity theft or a commercial scam, just like any other crime report this to your local police. There are so many websites to get help on cyber-crime. 
• Protect your computer with security software: There are many types of security software that are necessary for basic online security. Security software includes firewall and antivirus software. A firewall is normally your computer’s first line of security. It controls that that, what and where is the communication is going on the internet. So, it’s better to install security software which is from trusted sources to protect your computer. 
• Further, Government has taken several steps to prevent and mitigate cyber security incidents. 

These include: 

• Establishment of National Critical Information Infrastructure Protection Centre (NCIIPC) for protection of critical information infrastructure in the country. 
• All organizations providing digital services have been mandated to report cyber security incidents to CERT-In expeditiously. 
• Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre) has been launched for providing detection of malicious programmes and free tools to remove such programmes. 
• Issue of alerts and advisories regarding cyber threats and counter-measures by CERT-In. 
• Issue of guidelines for Chief Information Security Officers (CISOs) regarding their key roles and responsibilities for securing applications / infrastructure and compliance. 
• Provision for audit of the government websites and applications prior to their hosting, and thereafter at regular intervals. 
• Empanelment of security auditing organisations to support and audit implementation of Information Security Best Practices. 
• Formulation of Crisis Management Plan for countering cyber-attacks and cyber terrorism. 
• Conducting cyber security mock drills and exercises regularly to enable assessment of cyber security posture and preparedness of organizations in Government and critical sectors. 
• Conducting regular training programmes for network / system administrators and Chief Information Security Officers (CISOs) of Government and critical sector organisations regarding securing the IT infrastructure and mitigating cyber-attacks. 

Conclusion
In day-to-day life, everyone is leading their life with technology. Our daily life depends on technology. So, nowadays everybody knows the internet and aware of it. The Internet has everything that a man needs in terms of data. So, people are becoming addicted to the Internet. The percentage of the population using the internet is increasing day-by-day. National security is in some way getting dependent on the internet. But the new technologies which have arrived also brought unusual threats and Cyber-Crime is one such concept.