Safe Cyber Space | Current Affairs & Hindu Analysis: Daily, Weekly & Monthly - UPSC PDF Download

Safe Cyber Space

Why in News? 

• The Indian Cyber Crime Coordination Centre (I4C) recently celebrated its first foundation day with an event in New Delhi. Several important initiatives aimed at enhancing cybercrime prevention were launched during the event.

What is Cyber Security? 

Cyber security refers to the protection of information systems, including hardware, software, and data, from cyber threats. Its primary goal is to prevent unauthorized access, theft, damage, and other malicious activities that could compromise the integrity, confidentiality, and availability of digital information.

Key Terms:

• Cyberspace: The global network of interconnected IT infrastructures, including the Internet, telecom networks, and computer systems, through which data and communications flow.
• Critical Information Infrastructure (CII): Defined under Section 70(1) of the IT Act, CII comprises computer resources whose damage or destruction could seriously affect national security, economic stability, public health, or safety.
• Cyber Attack: A malicious and deliberate attempt to breach information systems, often driven by motives like financial gain, political activism, or espionage.

Types of Cyber Attacks

• Malware: Malicious software like viruses, worms, ransomware, and spyware designed to disrupt systems, steal data, or gain unauthorized access.
• Phishing: Deceptive tactics, usually via email, to trick individuals into sharing sensitive information like login credentials or financial details.
• Denial of Service (DoS) Attacks: These aim to shut down a system by overwhelming it with excessive traffic, rendering it inaccessible to legitimate users.
• Man-in-the-Middle (MitM) Attacks: Intercepting communications between two parties to steal data or manipulate interactions.
• SQL Injection: Inserting malicious code into database queries to access or manipulate data.
• Cross-Site Scripting (XSS): Injecting malicious scripts into websites, which then run in users' browsers, potentially leading to data theft or unauthorized actions.
• Social Engineering: Psychological manipulation to trick individuals into breaking security protocols or revealing confidential information.

Government Initiatives to Counter Cyber Crime: Recent Initiatives

1. Cyber Fraud Mitigation Centre (CFMC): A cooperative platform that brings together banks, telecom service providers, IT intermediaries, and law enforcement agencies to tackle online financial crimes.
2. Samanvay Platform: A web-based module serving as a central repository for cybercrime data, facilitating information sharing, crime mapping, and coordination among Indian law enforcement agencies.
3. Cyber Commandos Program: Aiming to train 5,000 cyber commandos over five years, this initiative seeks to build a cadre of cybersecurity professionals.
4. Suspect Registry: A national registry to track cybercrime suspects, enhancing fraud risk management in the financial ecosystem.

Previous Initiatives

1. Information Technology Act, 2000: The primary law regulating electronic formats, including cybercrimes like hacking, data theft, and cyber terrorism.
2. Indian Cybercrime Coordination Centre (I4C): Established by the Ministry of Home Affairs in 2018, I4C aims to coordinate efforts to combat cybercrime.
3. Indian Computer Emergency Response Team (CERT-In): CERT-In is responsible for managing cybersecurity incidents, vulnerability assessments, and oversight in India's digital landscape.
4. Cyber Surakshit Bharat: Launched by the Ministry of Electronics and IT to raise awareness of cyber threats and support the "Digital India" vision.
5. Cyber Swachhta Kendra: This initiative focuses on identifying and eliminating malicious botnet programs from devices, offering free tools for malware analysis.
6. National Cyber Security Strategy, 2020: Aimed at enhancing cybersecurity awareness and auditing organizations’ security measures.

International Initiatives

1. Budapest Convention on Cybercrime: An international treaty for cooperation on cybercrime. India is not a signatory.
2. Internet Governance Forum (IGF): A global platform for discussing internet governance.
3. UNGA Resolutions: Processes like the Open-ended Working Group (OEWG) and Group of Governmental Experts (GGE) focus on information security.

Challenges Facing Cyber Security in India

1. Rising Cybercrime: The NCRB reported a 24.4% rise in cybercrime cases in 2022, with fraud accounting for 64.8% of incidents.
2. Increasing Internet and Mobile Use: India has over 1 billion smartphone users, with many apps lacking proper security.
3. Proliferation of IoT Devices: Many IoT gadgets have weak security, making them vulnerable to attacks.
4. Complex Software Systems: Modern software complexity often results in security gaps, increasing vulnerabilities.
5. Human Error: Mistakes like misconfigured settings or falling for phishing scams often open the door for attacks.
6. Proxy Servers and VPNs: Attackers hide their locations, complicating detection efforts.
7. Technological Lag: New attack methods often outpace current countermeasures.
8. Lack of Training: Insufficient cybersecurity training leads to vulnerabilities.
9. Shortage of Specialists: A shortage of skilled professionals hampers efforts to secure systems.
10. Terrorist Use of Cyberspace: Terrorist groups increasingly use cyberspace for recruitment and propaganda, and there is growing concern about cyberattacks on critical infrastructure.

Way Forward:

1. Public Awareness Campaigns: Use various media to raise awareness and educate people about cybercrime and how to report it.
2. Strengthen Technological Measures: Invest in advanced technology and foster collaboration between the government, private sector, and international partners.
3. Develop Cyber Security Talent: Create more training opportunities and career pathways in cybersecurity.
4. Continuous Monitoring and Evaluation: Regularly assess cyber initiatives and implement feedback for improvement.
5. Comprehensive Training Programs: Expand training for individuals and organizations on cyber threats and prevention.
6. Investment in Advanced Security Technologies: Prioritize the development of cutting-edge solutions to counter emerging threats.
7. Inter-Agency Coordination: Enhance collaboration between government agencies, private companies, and international organizations to combat cybercrime.