Professional Documents
Culture Documents
Vijay Kumar Kaul-1 PDF
Vijay Kumar Kaul-1 PDF
T
In fact, these unprecedented events
he world has witnessed out likely by a state or state-sponsored aren't merely the recent history of
a disturbing increase in organisation. Iran is suffering from the cyberwarfare’s arms race, they are all
disruptive cyberattacks since US sanctions. After withdrawing from the linked back to a single, highly dangerous
2014-15. On December 11, Iran’s Nuclear Deal of 2015, the USA has group of hackers: Sandworm. Sandworm
2019, newspapers reported imposed sanctions on Iran which have is suspected to be linked with Russia. In
a statement that Iran has ‘identified crippled the Iranian economy. In June case of Ukraine’s outage in 2015, many
and diffused a massive cyber-attack 2019, the USA cyber-attacked the Iranian global cybersecurity analysts believe
on its electronic infrastructure. It was Intelligence system with a devastating Russia is using Ukraine as a laboratory
very large, organised and government effect. It was reportedly in response to for perfecting new forms of global online
attack.’ No country or group has been Iranian attack on commercial vessels in combat. And the digital explosives that
named as attacker. In November 2019, the Gulf. Earlier in the year- 2009-2010 Russia has repeatedly set off in Ukraine
the details of 15 million Iranian debit also, Washington used Stuxnet computer are ones it has planted at least once
cards were published online, exposing virus, a US-Israel joint creation, and before in the civil infrastructure of the
the account information of almost one- disrupted thousands of Iranian centrifuge United States.
fifth of Iran’s population. Though, Iran (enriching uranium) in the Iran’s nuclear In the Cyberspace, cyber-attacks are
denied the breach a result of a hack, cyber sites. On 13 December 2019, the city of the medium to inflict damages to the
experts believe the attack was carried New Orleans declared State of Emergency targeted entity, city, state or country. This
Wikimedia
system to create resistance to any cyber
intrusion and attack, as well as offensive
capabilities. Blockchain panel discussion at the first IEEE Computer Society TechIgnite conference
Swiss European
surveillance: face
recognition and
vehicle make, model,
colour and license
plate reader
Wikipedia
border data flows. Many of the emerging virus in 1977, to hacking web sites, international community is urging
technologies, like cloud computing, malicious code, to Advanced Worm and for collaboration and cooperation
delivered online are themselves services. Trojan, to Identity theft(phishing) to, invoking UN principles. A UN Group
Data collection and analysis are adding now 2010 onwards. Cyber Espionage and of Government Experts (GGE) agreed
value to goods exports through so-called Cyber warfare. Forbes has predicted that in 2013 and 2015 that the principles in
“servicification.” Data flows enable “In 2020, we’ll see an increasing number of the UN Charter, including sovereignty
digitisation of the entire manufacturing cybercriminals use Artificial Intelligence and the prohibition on intervention in
enterprise, shorter production cycles (AI) to scale their attacks. AI will open another state’s affairs, apply to states’
and collaborative and connected supply the door to mutating malware based on activities in cyberspace. The 2015 GGE
chains. The deployment of 5G networks attackers using genetic algorithms that also recommended eleven (non-binding)
and technologies will accelerate the are capable of learning, increasing their norms of responsible state behaviour
growth of the digital economy and chances of success.” There are 141+42 in cyberspace. However, there was no
digital trade. The ‘most transformative cyber security subject predicted by the consensus among the countries on how
impact will be in bringing faster experts in the year 2020 which ranges to apply these principles. The reasons
processing speeds and increased network from disrupting elections to targeted for this was probably the countries using
functionality. The Internet Protocol will ransom ware to privacy regulations to cyberspace, conducting cyber operations
be used in network architecture as well as deep fakes and malevolent AI. covertly, were reluctant to put their views
by the applications that run on it. 5G will There are four key areas of cyber risk on record. Now, there is some debate,
effectively turn everything into data as with implications for global data flows in principally between countries in the West,
everything becomes an IP app. This will a digital economy. The first is the national about the extent to which sovereignty
create lot of new challenges also. defence space. This includes all branches is a legally binding rule in the context
of the military, intelligence services, the of cyberspace and, if so, how it and the
Cyber Security Challenges and Risks defence infrastructure, networks, and principle of non-intervention might
Cyber security has also created a lot of related software, as well as classified apply in practice.
challenges. Growing global connectivity information stored on the networks. President Emmanuel Macron of
of businesses, governments, and supply The second is critical infrastructure, France, on 12 November 2018, launched
chains with the use of AI and Internet like telecom, power grid, ports etc. The the Paris Call for Trust and Security in
of Things (IoT) and cloud computing third area includes trade secrets and IP Cyberspace, urging for the development
have increased the exposure to the risks with commercial value. The fourth area of common principles at the UNESCO
and costs of cyber-attacks. These risks of vulnerability includes other online Internet Governance Forum. In the
undermine business and consumer trust information. USA, the President’s National Security
in the internet as a basis for commerce Telecommunications Advisory Council
and trade. These challenges in cyberspace Call for International Law and Cooperation observed, the U.S. is “faced with a
in the form of threats, crimes and warfare With increased importance of cyberspace progressively worsening cyber security
have moved a long way: from computer and growing disruptive cyber-attack, threat environment and an ever-
increasing dependence on internet Ended Working Group (OEWG) under a sovereignty’, distinct from the
technologies fundamental to public resolution proposed by Russia to consider international law concept of sovereignty.
safety, economic prosperity, and overall how international law applies to states’ This term describes the wide-ranging
way of life. Our national security is now activities in cyberspace. In the OEWG powers it assumes under domestic law to
inexorably linked to cyber security’. discussions at the UN in September 2019, regulate its citizens’ access to the internet
In the last few years, certain countries several countries claimed that a new legal and personal data within its territory. This
have put on record how they consider instrument was needed to fill the ‘legal approach of China is being used by other
international law to apply to states’ vacuum’ (Cuba) or ‘the gap of ungoverned authoritarian countries. For instance,
activities in cyberspace, namely the UK, areas’ (Indonesia). Russia’s has recently enacted ‘Sovereign
Australia, France and the Netherlands. The existence of the OEWG exploring Internet Law’.
While there may be some differences the same issues in a separate process
in their approaches, there also remains reflects the fact that cyber norms have India’s Cyberspace capabilities
important common ground: namely, become an area of geopolitical rivalry. India is second largest country in terms
that existing international law already Though all countries demand for the of population, third largest country
provides a solid framework for regulating application of international law, most in terms of GDP on PPP and seventh
states’ cyber activities, as it regulates every of them are also adopting divergent largest country in terms of geographical
other domain of state-to-state activity. approaches to the domestic regulation of area. It is multi-cultural, multi-lingual,
However, other countries have cyberspace within their own territory. The multi-religious country with very
called for ‘new legal instruments’ in this emerging trend towards a ‘splinterne’– i.e. fertile agriculture landmass, diversified
area. This includes a proposal by the between states that believe the internet industrial base and vibrant services
Shanghai Cooperation Organisation should be global and open on the hand, sector. Its economy has been growing fast
(led by Russia and China of which India and those that favour a ‘sovereignty and during the last two decades and it has
is also a member) for an International control’ model on the other – is making become around $3 trillion economy. It
Code of Conduct on Information Security. discussions at the GGE more challenging. has aimed to achieve $5 trillion economy
The UN has also formed a new Open- China has coined a term ‘cyber status in the coming years. India is also
surrounded by enemy countries which
have been raising a low intensity proxy
Table-1: Trends of cyberattacks war against India. In addition, increased
power of non-state actors/terrorist to
Trends Explanation disrupt the economic functioning of
Hackers are increasingly targeting Malware targeting such devices are more easily the country is a serious threat. India’s
connected smart Home devices available. It is also possible that first time hackers modern critical infrastructures like
energy, telecom, ports, transportation,
are targeting these devices to gain experience
etc are using digital technologies and
High reconnaissance activity India continues to be in the cross hairs of state control systems. A large population of
and non-state actors India is using internet and smartphones,
and India is counted as having the second
Critical infrastructure continues to be a Such installations are targets for sophisticated largest online population. E commerce
key target attacks launched by state-backed and is flourishing and generating huge data.
experienced hackers Increased use of digital payments, vast
financial system and e governance, the
Attacks on Operation technology (OT) With more OT systems getting connected with cyberspace has become critical area to be
systems continue to rise IT networks, they are attracting more attacks. protected and secured.
Hackers are targeting IT and OT systems using India is facing continuous cyber-
similar malware. As OT systems are often using attacks on its cyberspace. A report
older technology and security aspects are not prepared by Subex Ltd ‘The state of
getting adequate attention, the chances of hackers internet of Things security in India-Q3
succeeding remains high. 2019’ in November 2019 has given the
following key numbers of cyber-attacks in
Attacks on smart city and defence These two are the usual targets the quarter ending October 2019: 14000
installations remain high critical attacks detected of very high
sophistication and persistence, 70,300
Hosted botnets still active Lack of adequate security measures, use of High grade attacks, 8300 malware variants
second hand devices and default passwords identified, 3507 modular malware
have all contributed to devices turning into bots. samples isolated, 90 days average
Botfarms continue to expand as newer devices malware persistence, Bengaluru, Mumbai
get added on a daily basis and New Delhi together account for 38
percent of all attacks detected. The report
Increased detection of military A huge cache of such malware was released also presents the trends of cyber-attack
grade malware by some developers in January 2019 some of shown in Table-1.
which have now ended up in the hands of hackers The key numbers and trends showed
targeting Indian installations in Table-1 shows that India urgently needs
protection and strong cyber security
Source: Subex Ltd, Report the state of IoT security in India | 03, November 2019(10) capabilities. It lacks effective offensive
A 5G mobile tower
installed in Germany
Wikipedia
and defensive cyber security capabilities low commitment. Table-4 gives GCI score
and lack access to mechanism vital to Table-2: Five Dimension of Global Cyber of selected developed and developing
confronting sophisticated malware. Security Index countries. India’s score is 0.719 and rank is
In order to further explore the India’s 47. This is considered high commitment
cyber capabilities, data from two Global 1. Legal: Measures based on the existence in all pillars. South Africa, Iran and Brazil
cyber security index has been taken and have committed and engaged in cyber
compared with other leading countries’ of legal institutions and frameworks dealing security.
cyber security capacity. First, Global with cyber security and cybercrime. The report has also projected that
Cyber Security Index (GCI) 2018 prepared cyber-crimes will cost world US$2 trillion
by ITU has placed India on 47 rank. As 2. Technical: Measures based on the by 2019. There will be less ransom-ware
per this GCI, shows that India has strong existence of technical institutions and attack but more of personal data breach
commitment and capabilities in cyber and critical infrastructure breaches. There
framework dealing with cyber security.
security. Global Cyber Security Index 2018 is widening gap among countries in terms
has examined the cyber capabilities and of cyber security legislation, strategies,
commitment of 194 countries on five 3. Organisational: Measures based emergency response teams, awareness,
pillars: Legal, Technical, Organisational, on the existence of policy coordination capacity to spread out strategies,
capacity building and cooperation (see institutions and strategies for cyber security capabilities and programme.
Table-2). development at the national level. To get a further insight in the
On the basis of five dimensions on capabilities another Index ,National
which GCI score has been prepared, 4. Capacity building: Measures based on Cyber Security Index, is used. The
a comparison of top 10 countries is National Cyber Security Index (NSCI) is
presented in Table-3. This table clearly the existence of research and development, a global index, prepared by e-governance
shows that most of the top countries have education and training programmes, Academy of Estonia. This Index measures
high commitment on all the dimensions certified professionals and public sector the preparedness of countries to prevent
except cooperation. There is a need to cyber threats and manage cyber incidents.
agencies fostering capacity building.
increased international cooperation in The NCSI is also a database with publicly
the field of cyber security. Two Asian available materials and a tool for national
countries, Singapore and Malaysia have
5. Cooperation: Measures based on the cyber security capacity building.
been included among top nations. existence of partnerships, cooperative The NCSI focuses on measurable
All the countries in GCI score are frameworks and information sharing aspects of cyber security implemented
ranked and placed in three categories: high networks. by the central government:1) Legislation
commitment, moderate commitment and in force – legal acts, regulations, official
eply inte- d
Country Rank National cyber Digital Development Difference
security Index Level m y i s d e
c on o e an
United Kingdom 8 75.32 83.96 -8.64 China’s e h the US via trad rnet
it
grated w nt. The global inte ivity
USA 21 64.94 82.33 -17.39 t
i nv e s t m e a s e d s u c h c o n n e c c k
has in h the scope for ta
r e a t
France 1 83.12 79.06 4.06 c
Japan 17 66.23 82.15 -15.92
along wit
Germany 2 83.12 81.95 1.17
Russia 22 63.64 67.49 -3.85
China 53 38.96 58.00 -19.04
India 39 50.65 42.29 8.36
South Africa 69 28.57 54.80 -26.23 These CDCs are powered with cyber
next platform (a platform powered
Brazil 67 29.87 59.17 -29.30 with next-generation cybersecurity
capabilities) and deliver 24x7 next-
Source: Based on The National Cyber Security Index, 2018 gen managed security services with a
combined capacity of 1000 plus seats.
India has also built strong IT companies have been incorporated in the The company is taking three-pronged
capabilities in terms of a vibrant IT last one decade. Some of the companies approach to constantly skills, reskill
ecosystem that includes IT corporate are enjoying an average annual growth and upskill. For the first part of skilling,
sector, IITs and engineering education rate of 60 percent. These companies the company has partner in Purdue
institutions etc. As the IT sector is evolving have achieved turnover of over $450 University in Indiana, US. Re-skilling is
with computer, internet, server services to million in 2018. Around one third of these done through ‘training, certification and
high volume data sharing over internet, to companies are offering products in AI/ constant development of skills in specific
smartphone and cloud to smart devices MI domain. Among all these companies technology and domain, infrastructure
now, along with ever growing cyber around 65 percent are offering both cyber security, Security information and
security risks and challenges, the Indian security product and services and around event management (SIEM), security
IT enterprises are also evolving their 35 percent are offering pure product orchestrations, automation and response
capabilities and strengths. As estimated solution. These companies have filed 116 (SOAR) etc. Finally, constant up-skilling is
by the Gartner cyber security market patents out of which 44 patents have been done on niche technology training, such
worldwide is going to be $124 billion by granted. as cloud operational technology/Internet
2019. Indian IT sector has potential to be Infosys, an Indian IT giant, is also of things, block chain and 5G.
a global hub for cyber security product expanding its cyber defence centres There is, however, a shortage of skilled
solutions. The cyber security companies (CDCs) from existing 5 (located in Pune, manpower. NASSCOM has estimated
in India have increased from 1 in 1990 Hyderabad and Bucharest) to 7 (2 new that India needs 1 million skilled people
to 175 in 2018. Seventy percent of these ones in Indianapolis and Mysuru). whereas at present we have around 50000
Wikimedia Commons
Feature detection (pictured: edge detection) helps Artificial Intelligence compose informative abstract structures out of raw data
t m o v i ng T h e
unemployment problems in India. cooperative environment among the
r ld i s f a s institutions looking after cyber security.
Integrated Cyber Security Strategy and The wo igital economy. nomy Even for developing skill capabilities,
Policy-Need of the Hour towards de USA’s digital eco ion, a collaboration between educational