Context: The US State Department has warned that China is capable of launching cyberattacks against critical United States infrastructure, including oil and gas pipelines as well as rail systems, after researchers discovered a Chinese hacking group had been spying on such networks.
What is Cyber Warfare?
- Cyberwarfare is a type of network- or computer-based conflict in which one nation-state targets another nation-state with politically motivated attacks.
- Nation-state actors engage in these types of attacks in an effort to obstruct the operations of organisations or nation-states, particularly for tactical, military, or cyberespionage reasons.
- Examples of cyber warfare:
- According to the North Atlantic Treaty Organization (NATO), the Morris Worm in 1988 was the first instance of cyberwarfare on a global level.
- In 2010, the nuclear enrichment facility of Iran at Natanz was targeted by Stuxnet, a digital weapon.
Various Forms of Cyber Warfare
- Cyber-attacks: These are intrusions where the immediate damage or disruption caused is the main concern.
- In 2019, it was reported that Chinese state-sponsored hackers had targeted the Kudankulam Nuclear Power Plant in India using the DTrack malware to steal data from computer systems.
- Cyber Espionage: Cyber espionage is an act of intrusion carried out to obtain confidential or sensitive information. Traditional espionage is not an act of war, nor is cyberespionage, and both are generally assumed to be ongoing between major powers. For example:
- Massive spying by the US on many countries, revealed by Edward Snowden.
- After the NSA’s spying on Germany’s Chancellor Angela Merkel was revealed, the Chancellor compared the NSA with the Stasi (the official state security service of the German Democratic Republic).
- Cyber sabotage: It is the deliberate use of digital technologies to disrupt, damage, or destroy computer systems, networks, or digital infrastructure. For example:
- WannaCry: This was a ransomware attack that infected hundreds of thousands of computers in over 150 countries in 2017.
- NotPetya: This was a destructive malware attack that targeted Ukrainian financial, energy, and government sectors in 2017.
- Cyber Propaganda: It refers to the use of digital technologies and online platforms to spread false or misleading information for the purpose of influencing public opinion or behaviour. For example:
- Cambridge Analytica Scandal: Russian operatives used social media platforms to spread false or misleading information to influence the outcome of the 2016 US presidential election.
How vulnerable is India to cyber warfare?
- Increasing cybercrimes: As per the NCRB data from “Crime in India, 2020”, cybercrimes have increased four times or 306 percent in the past four years, and the rate of cybercrime (incidents per lakh population) increased in 2020.
- India saw a 53 per cent increase in ransomware incidents in 2022 (year-over-year), according to the “India Ransomware Report 2022” published by CERT-In.
- Digital India: According to a report, the value of digital payments in India will grow to close to 1 trillion dollars in FY26 from 300 billion dollars in FY21.
- Critical Infrastructure: India’s critical infrastructure, including power plants and power distribution, healthcare, railways and banking, has witnessed increasing cyberattacks, allegedly from Chinese state-sponsored groups.
- Terrorism: As per a report by the International Institute for Counter Terrorism, hacktivism activities have increased in Southeast Asia, including website defacement, distributed denial-of-service (DDoS) attacks and information leaks. Such threats will increase in the coming times.
Current Cyber Security Architecture in India
- National Cyber Security Policy, 2013: It was the first comprehensive document brought out by the government to create a secure and resilient cyberspace ecosystem and strengthen the regulatory framework.
- It aims to protect information infrastructure in cyberspace, reduce vulnerabilities, and build capabilities to prevent and minimize damage from cyber incidents through a combination of institutional structures, people, processes, technology and cooperation.
- National Cyber Security Strategy 2020: It was conceptualized by the National Security Council Secretariat to ensure a safe, secure, trusted, resilient and vibrant cyberspace for the nation’s prosperity.
- The pillars of the strategy are Secure (the National Cyberspace), Strengthen (Structures, People, Processes, Capabilities), and Synergise (Resources including Cooperation and Collaboration).
- Institutional mechanism:
- Indian Cyber Crime Coordination Centre (I4C): It was rolled out by the Ministry of Home Affairs for the period 2018-2020 to combat cybercrime in the country in a coordinated and effective manner.
- Indian Computer Emergency Response Team (CERT-In): It serves as the national agency for responding to cyber security incidents as per the provisions of the IT Act, 2000. It regularly issues alerts and advisories on the latest cyber threats and vulnerabilities, along with countermeasures to protect computers and networks.
- Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre): It has been launched for the detection of malicious programs and provides free tools to remove them.
- National Cyber Crime Reporting Portal: It caters to complaints pertaining to cybercrimes only, with a special focus on cybercrimes against women and children.
- National Cyber Coordination Centre (NCCC): It is a multi-stakeholder cybersecurity and e-surveillance agency under CERT-In. It generates situational awareness of existing and potential cyber security threats and enables timely information sharing for proactive, preventive and protective actions by individual entities.
- National Critical Information Infrastructure Protection Centre (NCIIPC): It was created under the IT Act, 2000 (amended 2008) and designated as the National Nodal Agency to facilitate safe, secure and resilient information infrastructure for critical sectors of the nation.
- National Cybersecurity Strategy: The Union Government is in the process of formulating a National Cyber Security Strategy which will holistically look at addressing the issue of security of national cyberspace.
- Cyber Defence: Presently, the nature of the war in Ukraine indicates that India needs to review its cyber-defence policies. India also needs to give equal attention to building a deterrent cyber-offensive capability.
- Offensive cybersecurity strategies pre-emptively identify vulnerabilities and security weaknesses before an attacker exploits them.
- Technological Updation: India also needs to study the evolving tactics, techniques, and procedures (TTPs) of hackers and criminals to be able to prevent these attacks. The cyber forensic laboratories of States must be upgraded with the advent of new technologies.
- Data localisation: Most cybercrimes are trans-national in nature with extra-territorial jurisdiction. The collection of evidence from foreign territories is not only a difficult but also a tardy process.
- Therefore, ‘data localisation’ must feature in the proposed Personal Data Protection law so that enforcement agencies are able to get timely access to the data of suspected Indian citizens.
- Human Resource Development: There is a need to introduce new courses, curricula and academic institutions in the fields of cyber security, ethical hacking, cryptology etc. to boost human resources in the field of cyber warfare.
- Synergy and Coordination: There is a need for coordination, planning, understanding and synergy of efforts amongst all civil, military, intelligence, law enforcement and educational organisations responsible for cyber security, information assurance, cyber warfare and perception management.
- Budget Allocation: A Parliamentary Standing Committee has recently recommended that funds for cyber security be increased on a year-on-year basis to forestall any failures in this domain for sheer lack of funds.