Upcoming IAS Academy
www.upcomingias.com
/SECURITY ISSUES
ST
/ 21 OCTOBER /2022
FRIDAY SECURITY ISSUES
CYBER THREATS POSE A CHALLENGE TO INTERNAL SECURITY
Context
• As the 21st century advances, a new danger the cyber threat is becoming a daily monster.
It is hardly confined to any one domain though the military is the one most often touted.
Rather, it is the civilian sphere where the cyber threat is becoming more all-pervading today
and, in turn, a serious menace.
What is mean by Cyber threat?
www.upcomingias.com
� Upcoming IAS Academy
• A cyber threat or cyber security threat is defined as a malicious act intended to steal or
damage data or disrupt the digital wellbeing and stability of an enterprise.
• Cyber threats include a wide range of attacks ranging from data breaches, computer viruses,
denial of service, and numerous other attack vectors.
How Cyber threat is ever increasing?
• Increasing Grey Zone Operations: Grey zone Operations which fall outside traditional
concepts of conflicts have become the new battleground, especially in regard to cyber
warfare. ‘Grey Zone Operations’ are already beginning to be employed to undermine the
vital of a state’s functioning, a trend likely to grow. The convergence of emerging
technologies alongside new hybrid usages, pose several challenges to nations and
institutions.
• Attack on examination: The recent arrest in India, of a Russian for hacking into computers
involved in the conduct of examinations for entry into the Indian Institutes of Technology
(IITs), is a reflection of how cybercriminals are significantly amplifying their
Grey Zone Warfare’ tactics
• Pervasive nature of cyber threat: What is most unfortunate is that not enough attention
is being bestowed on the all-encompassing nature of the cyber threat. In the wake of the
Russia-Ukraine conflict, the world seems awash with papers on artificial intelligence (AI)-
driven military innovations and potential crisis hot zones, along with stray references to
new forms of hybrid warfare.
• Weaponization of everything: There is very little about the threat posed by cyberattacks.
Ignored also is the new reality of the weaponization of everything’ which has entered the
vocabulary of threats. The latter clearly demands a ‘proto-revolutionary’ outlook on the
part of policymakers, which is evidently lacking.
www.upcomingias.com
� Upcoming IAS Academy
• Becoming a Multi-dimensional threat: Lost in translation is also the nature of today’s
weapon of choice, viz., cyber. This lack of awareness is unfortunate at a time when states
clearly lack the necessary resilience to face a variety of multi-vector threats.
• Cyber weapon as symbol of national Power: Cyber space has been described by Lt.
Gen. Rajesh Pant (retired), India’s current national cyber security coordinator, as a
“superset of interconnected information and communication technology, hardware,
software processes, services, data and systems”. Viewed from this perspective, it
constitutes a critical aspect of our national power.
• Simultaneous attacks in multiple dimensions: Cyber threats are not confined to merely
one set of conflicts such as Ukraine, where no doubt cyber tools are being extensively
employed extending well beyond this and other conflicts of a varied nature. The cyber
threat is in this sense all-pervading, embracing many regions and operating on different
planes.
Challenges to India’s cyber security infrastructure
• Structural:
1. Absence of any geographical constraints.
2.Lack of uniformity in devices used for internet access.
• Administrative:
1. Lack of national-level architecture for cybersecurity
2. Security audit does not occur periodically, nor does it adhere to the international standards.
3. The appointment of the National Cyber Security Coordinator in 2014 has not been
supplemented by creating liaison officers in states.
www.upcomingias.com
� Upcoming IAS Academy
• Procedural
1. Lack of awareness in local police of various provisions of IT Act, 2000, and also of IPSC
related to cybercrime.
2. Lack of data protection regime.
• Human Resource Related
1. Inadequate awareness among people about the security of devices and online transactions.
What are the Steps taken by India to strengthen cyber security?
• Section 66F of ITA: Specific provision dealing with the issue of cyber terrorism that
covers denial of access, unauthorized access, introduction of computer contaminant leading
to harm to persons, property, critical infrastructure, disruption of supplies,
‘sensitive data’ thefts. Provides for punishment which may extend to life imprisonment.
• National Cyber Security Policy 2013: Policy document drafted by the Department of
Electronics and Information Technology. Established National Critical Information
Infrastructure Protection Centre (NCIIPC) to improve the protection and resilience of the
country’s critical infrastructure information; Create a workforce of 5 lakh professionals
skilled in cybersecurity in the next 5 years.
• National Critical Information Infrastructure Protection Centre (NCIIPC): It has been
setup to enhance the protection and resilience of Nation’s Critical information
infrastructure. It functions under the National Technical Research Organization (NTRO).
• Computer Security through CERT-IN: Organization under the Ministry of Electronics
and Information Technology with an objective of securing Indian cyberspace. The purpose
of CERT-In is to respond to computer security incidents, report on vulnerabilities and
promote effective IT security practices throughout the country. According to the provisions
www.upcomingias.com
� Upcoming IAS Academy
of the Information Technology Amendment Act 2008, CERT-In is responsible for
overseeing the administration of the Act.
• Cyber Surakshit Bharat Initiative: It was launched in 2018 with an aim to spread
awareness about cybercrime and build capacity for safety measures for Chief Information
Security Officers (CISOs) and frontline IT staff across all government departments.
• Cyber Crisis Management Plan (CCMP): It aims at countering cyber threats and cyber-
terrorism.
• National Cyber Coordination Centre (NCCC): It seeks to generate necessary situational
awareness of existing and potential cyber security threats and enable timely information
sharing for proactive, preventive and protective actions by individual entities. National
Cyber Security Coordinator (NCSC) under National Security Council Secretariat (NSCS)
coordinates with different agencies at the national level for cyber security matters.
• Cyber Swachhta Kendra: This platform was introduced for internet users to clean their
computers and devices by wiping out viruses and malware.
• Information Security Education and Awareness Project (ISEA): Training of personnel
to raise awareness and to provide research, education, and training in the field of
Information Security.
Conclusion
• With several non-state actors engaging in hybrid warfare and distorting day-to-day
practices, including examinations, these pose legal, ethical and real dilemmas. Left
unchecked, the world may have to confront a new kind of Wild West, before states find a
common denominator for regulating cyber space and lay down proper rules and practices
to prevent anarchy and chaos.
www.upcomingias.com
