Cyber Crime Security and Threats Related to Social Media

Cyber security is the application of technologies, processes, and controls to protect systems, networks, programs, devices and data from cyber attacks. It aims at reducing the risk of cyber attacks and protecting against the unauthorized exploitation of systems, networks, and technologies. It is also known as information technology (IT) security or electronic information security.

Technology has its own benefits and challenges. With the growth of the internet and the proliferation of applications, products and services on it, citizens are being empowered and their lives transformed. However, with the growth of the internet, cyber crimes are also on the increase.

While technology enhances our lives in almost all aspects, whether it is health care, education, transport, communication, smart cities etc., there are various challenges which need to be overcome to prevent the ill occurrences due to technology.

Cyber security is the biggest challenge where technology is concerned. With technology protocols still being developed and evolving at a gradual pace, it is very difficult to avoid such cyber-attacks. The motivations for perpetrators of cyber threats extend beyond financial gain and include revenge, personal thrill, activist causes, deep-rooted anti-establishment sentiments, and a need to prove self-worth by showcasing professional skills in hacking complex security systems. Cyber criminals range from individuals or small groups to large-scale organized efforts by criminal networks and foreign entities.

Cyber crime has been around for some 40 years and is not a new form of crime. However, with the evolution of an information-dependent society relying heavily on information and communication technology (ICT), the cyber crime vulnerability of societies worldwide has increased substantially.

Effects of Cyber Crimes

- Undermine confidence in and credibility of ICT.
- Pose a serious threat to the fundamental rights of individuals, for example large-scale theft of personal data that affects the right to privacy, or attacks against the dignity and integrity of individuals, in particular children.
- Pose a threat to the rule of law in cyberspace and to democratic societies, for example attacks against media or civil society organisations affecting the freedom of expression, attacks against governments, parliaments and other democratic institutions as well as public infrastructure, or the misuse of ICT for xenophobia and racism or radicalisation, and terrorist purposes, thus threatening democratic stability.
- Cause economic risks to societies and erode human development opportunities.
- Pose a grave threat to international peace and stability.

Of the trillions of security incidents noted each year and the millions of attacks against computer systems and data recorded every day, only a small share is actually reported to criminal justice authorities.

Cyber Security Situation in India

India is one of the fastest-growing markets for digital technologies. It has witnessed rapid digitization in almost all spheres of public life. The country has over 1.15 billion phones and more than 700 million internet users, and this number is growing. There is greater and easier access to financial services even for rural populations. Missions like Make in India and Digital India are accelerating the government’s push towards realising its Digital India mission. The government has pushed for as much digital adoption as possible over the past five years.

In 2021, India’s UPI (Unified Payments Interface) handled 39 billion transactions amounting to $940 billion – more than 30% of the country’s GDP.
In 2020-21, digital payment systems in India recorded a robust growth of 26.2% in volume.

Cyber security threats are on the rise in the country, and small and medium-sized businesses have been a soft target when compared to larger firms, especially in tier-2 and tier-3 cities, due to their lack of preparedness and resources. The lack of the right technologies and the unavailability of skilled manpower further add to this vulnerability. Any successful cyber attack on a critical asset such as a power grid will have a multiplier effect, crippling communications and transportation and even endangering the health and safety of citizens.

The rapid growth of the Indian digital payment industry, the trend of work-from-home (WFH), the increased usage of varied end-point devices and the lack of a secure environment for users to work in (due to the WFH model) have also resulted in increased cyber attacks by providing a huge target base and a large platform for launching such attacks. The pandemic inflated the dependence on digital technologies and proved to be a threat to India’s cyber security.

In the year 2020, CERT-In handled 1,158,208 incidents, which included Website Intrusion and Malware Propagation, Malicious Code, Phishing, Distributed Denial of Service attacks, Unauthorized Network Scanning/Probing activities, Ransomware attacks, Data Breach and Vulnerable Services.

Some Recent Cyber Attacks in India

- Leaks of Covid-19 test results.
- A cyber attack on the systems of the national airline Air India in 2021 that resulted in the leakage of personal data of 4.5 million passengers.
- In October 2019, there was an attempted cyber-attack on the Kudankulam Nuclear power plant.
- In February 2022, a suspected ransomware attack knocked out the management information system (MIS) at Jawaharlal Nehru Port Container Terminal (JNPCT).
- India witnessed over 18 million cyber attacks and threats, at an average of nearly 200,000 threats every day, in the first three months of 2022, according to US-based cyber security firm Norton.

The push towards digitization has its own benefits; however, the lack of a secure cyber environment leaves the digital drive incomplete and ailing. This is evident from the increased UPI frauds, debit or credit card cloning, and swapping of mobile SIM cards. According to a study by US cyber tech firm CrowdStrike, companies across the world take seven days on average to respond to cyber security breaches; in contrast, Indian companies take around nine days. These statistics push India to the bottom of the list when it comes to dealing with cyber security threats and attacks.

Types of cyber threats

The threats countered by cyber-security are three-fold:

1. Cyber-crime: targeting systems for financial gain or to cause disruption.
2. Cyber-attack: often involves politically motivated information gathering.
3. Cyber-terrorism: disrupting electronic systems to cause panic or fear.

Methods used to threaten cyber-security:

(1) Malware or malicious software: Software created by a cyber criminal or hacker to damage a user’s computer. Often spread via an unsolicited email attachment or a legitimate-looking download, malware may be used by cyber criminals to make money or in politically motivated cyber-attacks.
There are a number of different types of malware, including:

- Virus: A self-replicating program that attaches itself to a file and spreads throughout a computer system.
- Trojans: A type of malware that is disguised as legitimate software which, when downloaded, can cause damage to or collect data from the system.
- Spyware: A program that secretly records what a user does and makes use of this information, for example by capturing credit card details.
- Ransomware: It locks down a user’s files and data, with the threat of erasing them unless a ransom is paid.
- Adware: Advertising software which can be used to spread malware.

(2) Phishing/social engineering: Victims are targeted with emails that appear to be from a legitimate source asking for sensitive information. Phishing attacks are often used to fool people into handing over sensitive information.

(3) Man-in-the-middle attack: An attack in which a cyber criminal intercepts communication between two individuals in order to steal data, for example by intercepting data being passed between the victim’s device and the network on an insecure WiFi network.

(4) Denial-of-service attack: An attack in which cyber criminals prevent a computer system from fulfilling legitimate requests by overwhelming the networks and servers with traffic. This renders the system unusable, preventing an organization from carrying out vital functions.

(5) Advanced persistent threats (APTs): In an APT, an intruder or group of intruders infiltrates a system, remains undetected for an extended period and steals sensitive data while avoiding the activation of defensive countermeasures. The recent SolarWinds breach of United States government systems is an example of an APT.

The Indian Government’s Initiatives

The Central Government has taken steps to spread awareness about cyber crimes in order to prevent them and to speed up investigation.
A scheme has been rolled out for the establishment of the Indian Cyber Crime Coordination Centre (I4C) to handle issues related to cyber crime in the country in a comprehensive and coordinated manner. Joint Cyber Coordination Teams have been constituted under the I4C for seven regions, at Mewat, Jamtara, Ahmedabad, Hyderabad, Chandigarh, Vishakhapatnam and Guwahati, based upon cyber crime hotspots/areas, to address the issue of jurisdictional complexity.

‘Police’ and ‘Public Order’ are State subjects as per the Seventh Schedule of the Constitution of India. States/UTs are primarily responsible for prevention, detection, investigation and prosecution of crimes through their law enforcement machinery. The Law Enforcement Agencies take legal action as per provisions of law against cyber crime offenders.

The Ministry of Home Affairs has provided financial assistance to all the States & UTs under the Cyber Crime Prevention against Women & Children (CCPWC) scheme to support their efforts in setting up cyber forensic-cum-training laboratories, training, and hiring junior cyber consultants.

The Government has taken several other steps to prevent and mitigate cyber security incidents.
These include:

- Establishment of the National Critical Information Infrastructure Protection Centre (NCIIPC) for protection of critical information infrastructure in the country.
- All organizations providing digital services are mandated to report cyber security incidents to the Computer Emergency Response Team - India (CERT-In).
- Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre) has been launched for providing detection of malicious programmes and free tools to remove such programmes.
- Issue of alerts and advisories regarding cyber threats and counter-measures by CERT-In.
- Issuance of guidelines for Chief Information Security Officers (CISOs) and conducting regular training programmes for network/system administrators and CISOs.
- Provision for audit of government websites and applications at regular intervals.
- Empanelment of security auditing organisations to support and audit implementation of Information Security Best Practices.
- Formulation of a Crisis Management Plan for countering cyber attacks and cyber terrorism.
- Conducting cyber security mock drills and exercises regularly to assess the cyber security preparedness of organizations in Government and critical sectors.
- CERT-In has set up the National Cyber Coordination Centre (NCCC) to generate necessary situational awareness of existing and potential cyber security threats.
- CERT-In works and coordinates incident response measures with international CERTs, overseas organisations, service providers and Law Enforcement Agencies.
- CERT-In provides the requisite leadership for the Computer Security Incident Response Team-Finance Sector (CSIRT-Fin) operations under its umbrella to mitigate cyber security incidents reported from the financial sector.
- CERT-In regularly disseminates information and shares security tips on cyber safety and security through its official social media handles and websites, and conducts online awareness campaigns in association with CDAC for citizens on general online safety, social media risks and safety, mobile related frauds and safety, and secure digital payment practices.
- CERT-In, the Reserve Bank of India (RBI) and Digital India jointly carry out a cyber security awareness campaign on ‘beware and be aware of financial frauds’ through the Digital India Platform.
- The Government has launched the National Cyber Crime Reporting Portal to enable the public to report incidents pertaining to all types of cyber crimes.
- A toll-free number, 1930, has been operationalized to provide assistance in lodging online cyber complaints.
- The Ministry of Electronics & Information Technology (MeitY) conducts programs to generate information security awareness.
- Specific books, videos and online materials are developed for children, parents and general users about information.

Information Technology (IT) Act, 2000

The Information Technology Act, 2000 was notified on Oct 17, 2000. It deals mainly with law-breaking and electronic commerce in India. In 1996, the United Nations Commission on International Trade Law (UNCITRAL) adopted the model law on electronic commerce (e-commerce) to bring uniformity within the law in several countries. The Information Technology Act, 2000 is based on the UNCITRAL Model Law.

It is applicable to companies that do business in India, including entities registered in the country, ones that outsource there, and ones that maintain servers within the country's borders. The act covers all activities that involve electronic documents and online exchanges. However, the provisions of the IT Act only deal with the collection and distribution of information by a ‘body corporate’, and it does not contain a definition of a data breach. Cyber crime violates an individual’s right to privacy, but the IT Act makes no provisions for privacy. Thus, the Indian IT Act is not a cyber security law.

This was brought to light in the case of K.S. Puttaswamy v. Union of India, wherein the ‘Aadhaar Card Scheme’ was challenged on the grounds that collecting and compiling demographic and biometric data of the country’s residents, to be used for various purposes, violates the fundamental Right to Privacy guaranteed by Article 21 of the Indian Constitution.

Critical information infrastructure (CII)

The Information Technology Act of 2000 defines “Critical Information Infrastructure” as a “computer resource, the incapacitation or destruction of which shall have debilitating impact on national security, economy, public health or safety”. Critical information infrastructure forms the backbone of myriad critical operations in a country’s infrastructure, and because these systems are interconnected, disruptions can have a cascading effect across sectors. For example, an information technology (IT) failure at a power grid can lead to prolonged outages, crippling other sectors like healthcare and banking services.

The government, under the Act, has the power to declare any data, database, IT network or communications infrastructure as CII to protect that digital asset. Any person who secures access or attempts to secure access to a protected system in violation of the law can be punished with a jail term of up to 10 years.

In India, the National Critical Information Infrastructure Protection Centre (NCIIPC) is designated as the nodal agency for taking all measures to protect the nation’s critical information infrastructure. It was formed in 2014 under Sec 70A of the Information Technology Act, 2000 (amended 2008).

It is mandated to take all necessary measures to facilitate protection of CII from unauthorized access, modification, use, disclosure, disruption, incapacitation or destruction, thus facilitating a safe, secure and resilient Information Infrastructure for Critical Sectors of the Nation.

National Cyber Security Policy, 2013

The National Cyber Security Policy was introduced in 2013 to build a secure and resilient cyberspace for citizens, businesses and Government. Its vision is to protect information and information infrastructure in cyberspace, build capabilities to prevent and respond to cyber threats, reduce vulnerabilities and minimize damage from cyber incidents through a combination of institutional structures, people, processes, technology and cooperation. It serves as an umbrella framework for defining and guiding the actions related to security of cyberspace. It also enables individual sectors and organizations to design appropriate cyber security policies to suit their needs.

This policy, therefore, aims to create a cyber security framework which leads to specific actions and programmes to enhance the security posture of the country’s cyber space. The strategies it adopted are:

- Creating a secure cyber ecosystem
- Creating an assurance framework
- Encouraging Open Standards to facilitate interoperability and data exchange among different products or services
- Strengthening the Regulatory framework
- Creating mechanisms for security threat early warning, vulnerability management and response to security threats
- Securing E-Governance services
- Protection and resilience of Critical Information Infrastructure
- Promotion of Research & Development in cyber security
- Human Resource Development
- Creating Cyber Security awareness
- Developing effective Public Private Partnerships
- Information sharing and cooperation
- Prioritized approach for implementation

Cyber Security Solutions

Cyber threats can be kept under surveillance, and methodical steps can be taken to avoid such malpractices.

Developing and upgrading:

- Network security, to protect a computer network from intruders.
- Application security, which focuses on keeping software and devices free of threats to prevent illegitimate access to the data they are designed to protect.
- Information security, which protects the integrity and privacy of data.
- Operational security, which includes the processes and decisions for handling and protecting data assets, such as the permissions users have when accessing a network and the procedures that determine how and where data may be stored or shared.
- Effective disaster recovery policies that dictate how the organization restores its operations and information to return to the same operating capacity as before the event.
- End-user education that teaches users to delete suspicious email attachments, not plug in unidentified USB drives, etc.
- Regulating data usage in the online space and clearly indicating when information provided by users will be shared, in order to solve the data theft problem.
- To check for software bugs or viruses, large technology firms should collaborate and create solutions to increase security for their customers.

India needs a single nodal agency and a national cyber crime cell to enforce strict laws, tackle threats and breaches, and penalize entities if they fail to step up their cyber security investments. Currently, there are multiple government agencies at the state and national level, but they lack synergy. Thus, there is a need to combine all these independent task forces. The awareness campaigns should have better implementation and a deeper reach among the masses.

Cyber crime awareness and education should be a part of education and job curricula. Efforts need to be made to secure digital infrastructure.

Skill development and employment generation in the cyber sector should be worked upon to strengthen the workforce.

A comprehensive legal framework solely focused on cyber crime should be brought into consideration.

India must be a part of international cooperation efforts to promote responsible behaviour in cyberspace.

The Budapest Convention

The Council of Europe’s (CoE) Cyber crime Convention, also known as the Budapest Convention, is the first international treaty on crimes committed via the Internet and other computer networks, dealing particularly with infringements of copyright, computer-related fraud, child pornography and violations of network security. It also contains a series of powers and procedures such as the search of computer networks and interception. It was opened for signature in 2001 and came into force in 2004.

Its main objective is to pursue a common criminal policy aimed at the protection of society against cyber crime, especially by adopting appropriate legislation and fostering international co-operation. The challenges currently being addressed by the Parties to the Budapest Convention through the Cyber Crime Convention Committee are also highly relevant for India, although it has not signed the convention.

The convention offers a legal basis and practical framework for police-to-police and judicial cooperation on cyber crime and electronic evidence. This framework is constantly under review by the Parties to make it more effective. India would be able to contribute to shaping future solutions and capacity building if it were a party.

The alleged reasons for India not signing the convention:

- The Budapest Convention, through its Article 32b, allows for trans-border access to data and thus infringes on the national sovereignty of India.
- The treaty was drafted without India’s participation.

Global Cyber Security Index

The Global Cyber security Index (GCI) is a trusted reference that measures the commitment of countries to cyber security at a global level – to raise awareness of the importance and different dimensions of the issue.
As cyber security has a broad field of application, cutting across many industries and various sectors, each country’s level of development or engagement is assessed along five pillars – (i) Legal Measures, (ii) Technical Measures, (iii) Organizational Measures, (iv) Capacity Development, and (v) Cooperation.

The Global Cyber security Index (GCI) was first launched in 2015 by the International Telecommunication Union (ITU) to measure the commitment of 193 ITU Member States and the State of Palestine to cyber security, to help them identify areas of improvement and to encourage countries to take action by raising awareness of the state of cyber security worldwide. This report aims to better understand countries’ commitments to cyber security, identify gaps, encourage the incorporation of good practices, and provide useful insights for countries to improve their cyber security postures.

With continuous efforts at improvement, India has moved up 37 places to be ranked 10th in the Global Cybersecurity Index 2020 (GCI).

Social Media

The term social media refers to a computer-based, internet-derived technology that facilitates the quick sharing of content, information, ideas, thoughts, and even documents, videos, and photos. Social media has changed the way we all interact with each other online. It gives us the ability to discover what's happening in the world and how opinions vary across regions, all in real time.

People use social media to stay in touch and interact with friends, family and various communities. Businesses use social applications to market and promote their products, get their services reviewed and track customer concerns. Social media is also used for crowdsourcing, that is, the practice of using social networking to gather knowledge, goods or services. Companies use crowdsourcing to get ideas from employees, customers and the general public for improving products or developing future products or services.

Social Media Threat

On social media platforms, cyber criminals prey on people and develop relationships with those who have access to valuable or sensitive information. Over time, they attempt to elicit information from their targets. In some cases, promising targets are lured with financial gains to get access to information. Some foreign intelligence services are doing this on a mass scale, targeting thousands of people globally through social media.

Another way in which social media acts as a threat to internal security is the spread of rumours and misleading messages which foment violence and radicalization of any form. Communal violence is propagated by radical slogans and messages on social media. Social media played such a role during the recent farm protests, which turned violent due to the protests metamorphosing into an alleged Khalistan agenda.

Due to the easy availability and widespread use of social media, around 90% of the terrorists use this medium to achieve their goals. Terrorist groups spread their messages through YouTube, Twitter or Facebook and also track and recruit people through them. For example, the terrorist group ISIS spreads its messages and activities through social media.

Social Media Intelligence

Social media intelligence, or SOCMINT, is the process of collecting and analyzing meaningful insights from social media data, usually through specialized tools and methodologies.

SOCMINT is valuable in national security for several reasons. The proliferation of social media provides analysts with a plethora of original security information quickly and in real time. This gives intelligence teams data for addressing immediate crises and generating timely intelligence.