Basics of Cyber Security

In this article, we shall deal with the topic Basics of Cyber Security.

 

Note: This article is part of our series on Internal Security. You can check the other articles at the following links:

  • Linkages between development and spread of extremism
  • Role of external state and non-state actors in creating challenges to internal security
  • Role of media and social networking sites in internal security challenges
  • Basics of cyber security
  • Money-laundering and its prevention
  • Linkages of Organised Crime with Terrorism
  • Security challenges and their management in border areas
  • Various Security Forces and Agencies and their mandate

 

Introduction

  • Today, all strategically important departments are connected through the internet. Hence, there are rising threats to cyber security through cyber crimes, cyber attacks and cyber war.
  • The architecture of the Internet was designed to promote connectivity, not security. Cyber experts warn that the more technologically advanced and wired a nation is, the more vulnerable it is to a cyber-attack.
  • After land, sea, air and space, cyberspace has been officially declared as the 5th dimension of warfare.

 

 

 

Definitions

Cyber Security

As per Clause 2(b) of the IT Act, 2000, cyber security is defined as protecting information, devices, equipment, computer resources and the information stored in them from unauthorised access, use, disclosure, disruption, modification or destruction.

 

Cyber Crime

  • There is no fixed definition of cyber crime. It refers to all the criminal activities done using the medium of computers, the internet and cyberspace. Even the Indian IT Act doesn’t define cyber crime.
  • Generally speaking, it can be divided into two categories:
        1. Crimes that target computers and devices directly. Eg: Hacking, Computer viruses, Data theft, Denial of Service (DoS) attack etc.
        2. Crimes facilitated by computer networks. Eg: Phishing, Spam, Offensive Content, Cyber Stalking etc.

 

  • The most prominent form of cybercrime is identity theft, in which criminals use the Internet to steal personal information from other users. Two of the most common ways this is done are phishing and pharming.
  • Cyber Crime (a broader term) = Cyber Attacks + Cyber Terrorism + Cyber Warfare

 

 

Cyber Attack

  • A deliberate attack from one computer on another to alter, disrupt, deny, degrade or destroy the data hosted on the attacked system or network
  • Mostly done using malicious code

 

 

Cyber Terrorism

  • It is the premeditated use of disruptive activities, or the threat thereof, by clandestine groups in cyberspace with the intention to further political objectives or intimidate any person or group. It has clear political objectives. Terrorists induce fear by indulging in large-scale disruption of computer systems and networks. This can also be called the traditional way of defining cyber terrorism.
  • If one tries to look beyond the traditional definition of cyber terrorism, it even leads to violence. Eg: the rumour that led to the mass exodus of North-Eastern people from Bangalore in 2012.
  • It also refers to the use of cyber space as a backend support to the traditional forms of terrorism.

 

  • Some incidents of cyber terrorism in India
        1. Muzaffarnagar riots
        2. Creating misinformation about certain things

 

 

Cyber Warfare

  • Cyber warfare is Internet-based conflict involving politically motivated attacks on information and information systems
  • Cyber warfare attacks can disable official websites and networks, disrupt or disable essential services, steal or alter classified data, and cripple financial systems among many other possibilities
  • Any country can wage Cyberwar on any other country, irrespective of resources, because most military forces are network-centric and connected to the Internet, which is not secure. For the same reason, Non-Governmental Groups and Individuals could also launch cyberwarfare attacks.

 

Examples

  • Stuxnet in 2010, in which an Iranian nuclear plant was attacked by the US and Israel.
  • In 1998, the United States hacked into Serbia’s Air Defence System to compromise air traffic control and facilitate the bombing of Serbian targets.
  • In 2007, an unknown foreign party hacked into high-tech and military agencies in the United States and downloaded terabytes of information.
  • In 2012, large-scale cyber attacks targeted at the Iranian government were uncovered, and in return, Iran is believed to have launched massive attacks aimed at U.S. banks and Saudi oil companies.

 

 

 

Cyber warfare cases in India

      • 2012: A high-profile cyber attack breached the email accounts of around 12,000 people, including the officials of MHA, MEA & ITBP etc.
      • Hackers from Algeria carried out an attack on a website run by DRDO
      • When violence broke out in 2012 between residents of Assam and Bangladeshi migrants, hate messages were spread nationwide by Pakistan

 

 

Cyber Espionage

  • Cyber espionage is the act or practice of obtaining secrets without the permission of the holder of the information, from individuals, competitors, rivals, groups, governments and enemies, for personal, economic, political or military advantage, using methods on the Internet, networks or individual computers through malicious software including Trojan Horses and Spyware
  • These acts are between nation states, but they may include non-state actors too

 

New: Cryptojacking

Cryptojacking is the process in which unauthorised crypto-coin miners siphon the resources of personal computers to mine cryptocurrencies like Bitcoin without the knowledge of the owner.

According to the latest Symantec Report, this is the latest major threat in cyber security.

 

 

Side Topic: Malware and Ransomware

Malware – “Malware” is short for “malicious software”: computer programs designed to infiltrate and damage computers without the user’s consent.

Ransomware

Ransomware, as the name suggests, locks computers, encrypts the data on them and prevents users from accessing their devices and data until a certain ransom is paid to its creator.

 

Examples

Wannacry (2017)
  • An extensive ransomware attack (Wannacry) infected more than 1 Lakh companies and services
  • Most important target – the National Health Service (NHS) of Britain, where doctors were blocked from patient files.
  • Demanded $300 in Bitcoin to decrypt files

 

Petya (2017)
  • Petya is a more advanced ransomware
  • Hit chiefly Ukraine and Russia.
  • Mumbai’s Jawaharlal Nehru Port Trust was also hit

 

 

Benefits over conventional attack / Challenge for security

  • Cheaper to execute
  • Less risky: no physical harm can be done to the attacker
  • Anonymity: Technology permits the attacker to conceal its origin, making it more lucrative for state and non-state actors.
  • Unconstrained by distance
  • Several people can use the same program
  • Traditional security concepts like deterrence and retaliation are difficult to apply
  • Even an ordinary person can have access to such programs

 

 

 

India’s Vulnerability on Cyber Space

India remains vulnerable to digital intrusions such as cyber-espionage, cybercrime, digital disruption and Distributed Denial of Service.

      • India is the 3rd most vulnerable country in the world in terms of cybersecurity breaches, followed by the US & China (2018 report by Symantec)
      • The Indian IT Act, 2000 is weak, with large lacunae (explained below).
      • There is no data protection law in India (a committee led by Justice B.N. Srikrishna has been constituted to formulate it)
      • Data Colonization: Indian data is exported abroad and stored outside. There is no data localisation law
      • Multiplicity of agencies (more than a dozen), including MHA, CERT-IN, NCIIPC, state police etc., deal with cyber crime. The lack of coordination hinders smooth functioning.
      • The Computer Emergency Response Team (CERT-In) is woefully understaffed.
      • The Chinese are increasing their military capacity for cyber attacks, which is a cause of concern for India.
      • Most mobile devices are made in China, which heightens the risk of cyber espionage
      • The number of attacks from Pakistan has increased.
      • Indians don’t use paid original versions of operating systems and software. As a result, they don’t get frequent updates (like the Windows update which plugged the loophole used by Wannacry)

 

 

Current Attacks on India

      • A cyber-espionage group called Suckfly targeted financial institutions
      • A cyber-espionage group called Danti penetrated Indian government systems
      • Pakistani hackers under a group named “Pakistani Cheetahs” are hacking government websites

 

 

Why India needs Cyber Security

  • India is betting big on the digital sector. The government has started programmes like Digital India & Smart Cities and has started Payment Banks, which will do most of their operations on the internet. Hence, an ultra-secure cyber network is required in India
  • Government’s digital push: Promoting programs like Aadhar, Digilocker, e-Market etc.
  • Large number of transactions through digital means
  • Highly sophisticated cyber attacks like Wannacry and Petya are on the rise
  • To protect our Critical Infrastructure
  • To protect the private sector, especially the IT sector
  • To protect the citizens of the nation from hacking & fraud attacks
  • Most countries are going for militarisation of cyberspace. We need to secure our cyberspace to deal with future threats

 

India’s Cyber Security Architecture

[Figure: Cyber Security Architecture of India]

1. IT Act, 2000

The Information Technology Act, 2000 was originally passed to facilitate e-commerce transactions. However, it has been amended from time to time to tackle the various threats that emanate from cyberspace.

  • Section 70A: NCIIPC (National Critical Information Infrastructure Protection Centre) to protect Critical Information Infrastructure (CII) (12 sectors like banking, defense, aviation etc.)
  • Section 70B: ‘Computer Emergency Response Team India’ (CERT-IN), modelled on a similar force in the USA, to deal with cyber security threats like hacking and phishing and to strengthen defense
  • Section 66 F : Defines Cyber Terrorism

 

 

However, the bill is weak on data protection:

  • It does not protect privacy. Hence, it does not prevent companies from selling or sharing consumer data
  • The bill also does not define cyber terrorism in a comprehensive way
  • The IT Act does not contain a coherent strategy which can leverage the synchronized efforts of the public and private sectors.

 

Although the government has tried to update the bill to deal with the challenges of cyberspace, the dynamic nature of the sector means that the government is always playing catch-up.

 

2. CERT-In

  • CERT-In (Cyber Emergency Response Team – India) was created under the IT Act, 2000
  • Aim: to provide early security warning and effective incident response.

 

3. NCIIPC

  • National Critical Information Infrastructure Protection Centre (NCIIPC)
  • To protect critical infrastructure of the country, eg Banking, Defence

 

4. I-4C

  • Indian Cyber Crime Coordination Centre (I-4C)
  • On the basis of the recommendations of the Gulshan Rai committee.
  • Under Home Ministry
  • I-4C will help in monitoring cyber-crimes, and will help law enforcement agencies in curtailing these crimes.

 

 

CyCord Centre

  • Formed in Dec 2018
  • Platform for Law Enforcement Agencies to collaborate and coordinate their efforts to resolve cyber crime

 

 

 

National Cyber Security Policy , 2013 

Need for Cyber Security Policy

The lack of a coherent cyber security policy seriously interfered with India’s national and economic development. India’s approach to cyber security was ad hoc and piecemeal in nature. A number of organisations had been created, but their precise roles weren’t defined, nor was there any synergy between them. In the absence of a comprehensive national-level policy there was no institutional structure, and neither the private sector nor the government was able to build a system that could be called robust. The Cyber Security Policy of 2013 is an important step in this direction.

 

 

Salient features of Policy

  • To create a cyber ecosystem in the country and to generate adequate trust and enhanced adoption of IT in all the sectors of economy
  • To strengthen the regulatory framework for ensuring a secured cyberspace ecosystem
  • Set up a 24×7 NCIIPC for protecting critical infrastructure of the country
  • Create a taskforce of 5 lakh cyber security professionals in 5 years
  • Provide fiscal benefits to businesses for adoption of standard cyber security practices.
  • Designate CERT-In as in charge of cyber security related matters and have the local (state) CERT bodies co-ordinate at their respective levels.
  • Develop a dynamic legal framework to deal with cyber security.
  • Set up testing labs to regularly check the safety of equipment

 

Cyber Swachhta Kendra

  • Launched by Government of India in 2017
  • Part of Digital India Initiative

 

 

What will it do?

      • Systems will be scanned by CERT-In for free
      • It will provide free tools for keeping your devices secure (refer below)
      • This Kendra will enhance awareness among citizens regarding botnet and malware infection

 

Tools provided for free in CSK

      • M Kavach: antivirus for smartphones
      • USB Pratirodh: USB protector
      • Browser JSGuard: blocks malicious JavaScript and HTML files
      • Free Bot Removal Tool

 

State Example : Maharashtra

Maharashtra has become the first state in the country to have a cyber-police station in each district.

Other states need to learn from this.

 

Steps India should take

      • Individual Level: Individuals should be educated to create backups & also to understand the need for them. They must be educated not to reveal their sensitive personal information indiscreetly.

 

      • Amendment of IT Act 2008
      • The government should consider the merits of China’s cybersecurity law, which requires
        • Data Localisation
        • ‘Security certification’ for important network equipment and software companies

 

 

      • Using Cloud Computing: Since small firms, startups and all government departments can’t buy expensive firewall systems individually, the government can use a Cloud Computing (IaaS) mechanism to provide a high-end and most secure firewall to them. It will reduce the price and increase affordability.

 

 

      • Cyber Offensive Policy: India should have its own cyber offensive policy to give the world a clear idea of what India’s response would be if it is hit by any nation-sponsored cyber attack. In a new world where cyberspace has become the 5th arena of warfare (the others being land, water, air and space), it is very much required to be prepared for such attacks.

 

      • Signing MoUs with other advanced nations – India is already working on this and has done the following
        • MoU between India and UK
        • India and USA
        • Japan & Singapore

 

 

      • Sign the Budapest Convention – The Budapest Convention is the first & only international treaty that addresses Internet and computer crime.

 

      • Air gapping: Air gapping = isolating a computer or network and preventing it from establishing an external connection.

 

 

      • Using Quantum Cryptography: Cryptography is the process of encoding and decoding information so that it is sent securely over a communication network. Present systems of cryptography use mathematical algorithms which can be cracked. Quantum cryptography uses the spin of photons as the key. Hence, there is little chance it can be cracked.

 

      • More summits like the GROUND ZERO SUMMIT should be organised
        • Ground Zero Summit is the largest collaborative platform in Asia for cyber security experts to address emerging cyber security challenges. It also provides a platform to establish and strengthen relationships between corporates, public sector undertakings (PSUs), government departments, and security and defense establishments.

BUDAPEST CONVENTION

Came into force 1 July 2004
Against
  • Crimes committed via Internet
  • Infringement of copyrights
  • Computer related frauds
  • Child pornography
  • Violation of network security
Objective
  • Pursue common criminal policy aimed at protection of society against cyber crime by adopting legislation
  • Declare any publication of racist or xenophobic propaganda via computer network an offence

 

Developing countries including India have not signed it stating that the developed countries led by the US drafted it without consulting them.

 

Government vs Privacy : PRISM / NeTRA

  • The right to privacy is a human right. But recent developments in mobile technologies have made these digital devices a storehouse of private content

  • Governments always like Orwellian levels of surveillance. Hence, security agencies have been demanding unfettered access to information and running programmes like PRISM (USA) and NETRA (India) to have access

  • WhatsApp uses end-to-end encryption that ensures only you and the person or group you are communicating with can read and see what is sent, and nobody in between, not even WhatsApp, has access to messages.
        • Investigators argue that this creates warrant-proof spaces for criminals.
        • When no such absolute privacy exists in the physical world, how can it exist in the virtual world?

 

 
