Daily News Simplified -

DNS
06 03 21
Notes
SL. THE HINDU
TOPICS
NO. PAGE NO.
Patching the gaps in India’s cybersecurity
1 06
(Cyber Security: Steps taken, Challenges and Strategies needed)

2 OPEC+ move to hit recovery 14

3 Technology for air-to-air missiles tested 10

4 Secrecy shrouds proposed cryptocurrency Bill: IAMAI 10

5 Pochampally Sarees: India’s Cultural Heritage 14

1. UPSC Current Affairs: Patching the gaps in India’s cybersecurity (Cyber Security: Steps taken, Challenges and Strategies
needed)| Page 06
UPSC Syllabus: Mains – GS Paper II- Polity & Governance
Sub Theme: Cyber Security | UPSC

Recently, a Chinese Group named as "Red Echo" was behind a malware attack known as "Shadow pad" on
India's critical information infrastructure such as Ports, power systems etc.

In this regard, this article discusses India's vulnerability to cyber attacks, steps taken by India to improve Cyber
security and what strategies should it adopt in order to prevent such attacks in future.
 
Background
Date: 06-Mar-2021 DNS Notes - Revision

We depend upon the ICT for number of purposes such as Booking Flight tickets, transferring money, Booking a
cab etc. Similarly, number of sectors such as Banking & Finance, Transportation, Nuclear power facilities,
Space sector, Power transmission etc. are dependent on ICT. Undoubtedly, the rapid advancements in the
field of ICT has led to economic growth and development and has also made our lives much more easier.

At the same time, the Cyber space has become highly vulnerable to cyber attacks and Crimes. Unlike the
geographical boundaries such ( Land, water), Cyberspace has no geographical limitation. It is completely
borderless and hence protection of Cyberspace becomes even more challenging.

India has been victim to the Cyber attacks number of times in the recent past:
2017: WannaCry and Petya Ransomware
2018: Aadhaar Software hacked and Aadhaar details of the people leaked online
India is the third most vulnerable country to Cyber attacks according to Internet Security Threat report
published by Symantec.

Financial loss: According to the Data Security Council of India, India has been the second most cyber attacks
affected country between 2016 to 2018. Cyber crimes in India caused Rs 1.25 lakh crore loss in 2019.
 
 
Basics of Cyber Security:

Based upon the motive, Cyber threats can be of 4 types:

Cyber Espionage: The act or practice of obtaining secret information i.e. personal, sensitive, classified nature
from individuals, competitors or governments using malicious software such as Trojan horses and spyware.
Motive is to obtain secret information which could go against our National security.
Cyber Attack: Targets computer information systems, infrastructures, computer networks. Motive is to
damage or destroy targeted computer network or system. Impact: Destruction of Communication network.
Cyber Terrorism: Convergence of terrorism and cyber space. Cyberspace has been used the by terrorists for
number of purposes such as Planning terrorist attacks, recruitment of sympathizers, Spreading propaganda to
radicalise people, to raise funding etc.
Cyber warfare: Warfare carried out by a country or its proxies to attack the computer systems in other
countries. Can Include- Theft, Vandalism ( Defacing Web Pages), Destruction of Critical information
infrastructure.
 
Impact:

Impact on data: Confidentiality, Integrity and Availability of information

Impact on Critical Information Infrastructure: Presently, most of the sectors are critically dependent on the
use of ICT to carry on their operations. These sectors being Banking and Finance, Power systems, Transport
sector, Telecommunication etc. Cyber attacks on these critical information infrastructure can bring the entire
country to a grinding halt. For example, the recent Chinese cyber attack on the power system in Mumbai
brought the entire city to a halt. The local trains, which are considered as Mumbai's lifeline stopped
functioning and people got stranded. Similarly, the Stuxnet worm attack on the Iranian Nuclear facilities led to
the destruction of the equipments which were controlled by the computers. Clearly, the Stuxnet worm has
shown us as to how the cyber attacks can lead to physical destruction of information systems.
Financial loss: According to the Data Security Council of India, India has been the second most cyber attacks
affected country between 2016 to 2018. Cyber crimes in India caused Rs 1.25 lakh crore loss in 2019.
Effect the National Security and peace and stability in a country.
 
Tools of Cyber attacks:
Date: 06-Mar-2021 DNS Notes - Revision

Malware: Malicious software to disrupt computers. It can include Virus, Spyware, Trojans etc.  
Phishing: It is the method of trying to gather personal information using deceptive e-mails and websites.
Denial of Service attacks: A Denial-of-Service (DoS) attack is an attack meant to shut down a machine or
network, making it inaccessible to its intended users.
Hacktivism: Misusing a computer system or network for a socially or politically motivated reason. For
example, the hacktivists can block access to Government's website, deface government's website or unblock
the sites which have been blocked by the Government.
Social Engineering: Entice users to provide confidential information. For example, these days u must have
come across some of the fake Facebook accounts which are opened in the name of your close friends. First,
the cyber attackers send you the friend request in the name of your close friend. Once u accept it, they will ask
to request you to transfer some money.
 
Steps taken by India to improve Cyber Security

The International Telecommunication Union (ITU) released Global Cyber Security Index in 2017. This index
measures the performance of the countries in terms of policies taken by them to improve cyber security. India
was placed at 23rd rank among 165 countries. The relatively higher ranking of India shows that India has taken
adequate measures for the protection of cyber space.
 
Section 66F of ITA: Specific provision dealing with the issue of cyber terrorism that covers denial of access,
unauthorized access, introduction of computer contaminant leading to harm to persons, property, critical
infrastructure, disruption of supplies, ‘sensitive data’ thefts. Provides for punishment which may extend to life
time imprisonment.

National Cyber Security Policy 2013: Policy document drafted by the Department of Electronics and
Information Technology. Established National Critical Information Infrastructure Protection Centre (NCIIPC) to
improve the protection and resilience of the country’s critical infrastructure information; Create a workforce
of 5 lakh professionals skilled in cybersecurity in the next 5 years.

National Critical Information Infrastructure Protection Centre (NCIIPC): It has been setup to enhance the
protection and resilience of Nation’s Critical information infrastructure. It functions under the National
Technical Research Organization (NTRO).

CERT-IN: Organization under the Ministry of Electronics and Information Technology with an objective of
securing Indian cyberspace. The purpose of CERT-In is to respond to computer
security incidents, report on vulnerabilities and promote effective IT security practices throughout the
country. According to the provisions of the Information Technology Amendment Act 2008, CERT-In is
responsible for overseeing administration of the Act.
Cyber Surakshit Bharat Initiative: It was launched in 2018 with an aim to spread awareness about cybercrime
and building capacity for safety measures for Chief Information Security Officers (CISOs) and frontline IT staff
across all government departments.

Cyber Crisis Management Plan (CCMP): It aims at countering cyber threats and cyber terrorism 

National Cyber Coordination Centre (NCCC): It seeks to generate necessary situational awareness of existing
and potential cyber security threats and enable timely information sharing for proactive,
preventive and protective actions by individual entities.

National Cyber Security Coordinator (NCSC) under National Security Council Secretariat (NSCS) coordinates
with different agencies at the national level for cyber security matters.
Date: 06-Mar-2021 DNS Notes - Revision

Cyber Swachhta Kendra: This platform was introduced for internet users to clean their computers and devices
by wiping out viruses and malware.

Information Security Education and Awareness Project (ISEA): Training of personnel to raise awareness and
to provide research, education and training in the field of Information Security.
 
Challenges and Strategies in India's Cyber Security

International Convention: Presently, Budapest Convention is the first international treaty seeking to address
Internet and computer crime by harmonizing national laws, improving investigative techniques, and increasing
cooperation among nations. This convention promotes greater cooperation between countries in fighting
cyber crimes. However, India has not joined this convention. This is because the convention allows for cross
border access to data to carry out investigation and India believes that such cross border access to data can
infringe on National Sovereignty.

However, some of the cyber experts have pointed out that, given the threats faced by us, India should accede
to Budapest Convention at the earliest. It would reduce India's capacity to combat cyber crimes at a global
level.

PPP Framework for Cyber Security: Presently, most of the cyber security operations are carried out by the
Government agencies such as CERT-In. Given the fast changing nature and intensity of cyber threats, there is a
need to leverage private sector expertise in combating cyber crimes through PPP framework.

Skilled Professionals: Recently, according to a report published by NASSCOM, India needs around 10 lakh
cyber security experts. However, presently there are only around 64,000 professionals. One of the main
reasons for the lower number of cyber security professionals is due to lack of adequate number of specialised
courses in the cyber security, poor training Infrastructure, lack of availability of trainers etc.. Hence,
accordingly, the Government has to recognise the lacunae and increase the number of Skilled professionals.

Strengthen IT act and National Cyber Security Policy 2013: Some of the experts have pointed out that the
present legal and facilitative framework to fight cyber crimes i.e. IT Act and NCSP, 2013 are outdated and not
well-equipped enough to handle technologically advanced cyber crimes. In fact, the same has been
acknowledged by PM Modi. Recently, while delivering his Independence day speech on August 2020, PM Modi
has said that the Government is working on new Cyber security Policy 2020. Presently, it is in draft stage and
hence Government must expedite the process and come out with final policy at the earliest.

Securing Secure Cyber Ecosystem:

 Appointment of Chief Information Security Officer in all the Organisations.
 Earmark certain percent of funds towards enhancing cyber security
 Provide tax incentives to companies to upgrade information infrastructure
 Investment in R&D to improve Cyber Security- Big data, AI

Enhancing Awareness among the people through the awareness campaigns

Date: 06-Mar-2021 DNS Notes - Revision
Date: 06-Mar-2021 DNS Notes - Revision
Date: 06-Mar-2021 DNS Notes - Revision

2. UPSC Current Affairs: OPEC+ move to hit recovery | Page 14

UPSC Syllabus: Mains – GS Paper II - International Relation
Sub Theme: OPEC| Oil supply chain | UPSC

Global oil supply

 Globally major suppliers of oil include OPEC (The Organization of the Petroleum Exporting
Countries) who are responsible for about 40 percent of the world’s oil supply and 60 percent
of the oil traded globally.
 OPEC includes 14 countries with major ones including Saudi Arabia, Iran, Iraq, UAE, and
Venezuela to name a few. (Qatar withdrew from the group in 2018)
 Saudi Arabia is the world’s largest supplier with nearly 10% of the global share
 Major Non-OPEC producer and suppliers of oil include USA (since 2014) and Russia.

In focus: OPEC+ Deal

 Under the Vienna Agreement of 2016, OPEC-plus deal was signed between major oil
producers to coordinate the production levels to check the price fluctuation
 It is basically an agreement between OPEC and non-OPEC oil producers, to cut oil production
in order to prevent falling oil prices.
 Besides the deal is seen as a counter to keep the oil prices from falling due to shale oil
production from US since 2014
Date: 06-Mar-2021 DNS Notes - Revision

3. UPSC Current Affairs:  Technology for air-to-air missiles tested | Page 10

UPSC Syllabus: Mains – GS Paper III – Science & Technology
Sub Theme: Solid Fuel Ducted Ramjet (SFDR) technology | UPSC
  

The Defence Research and Development Organisation (DRDO) on Friday successfully carried out a flight
demonstration based on Solid Fuel Ducted Ramjet (SFDR) technology from Integrated Test Range Chandipur
off the Odisha coast.

Solid Fuel Ducted Ramjet (SFDR)

 It is a missile propulsion technology jointly developed by India and Russia.

 It will improve the propulsion systems of future Indian long range air-to-air missiles. (Astra, air-to-air
missile of India, has range of 80 km)
 The missiles which use such system are also able to carry larger payload due to absence of an oxidiser.
 Unlike solid-propellant rocket, the Ramjet takes up oxygen from the atmosphere during flight.
 Ducted rocket is Air-augmented rocket having a convergent-divergent nozzle. This ensures that
combustion takes place at subsonic speeds, improving the range of vehicle speeds where the system
remains useful.

Significance

 It will help both India’s surface-to-air and air-to-air missiles to perform better and enhance their strike
range.
 With it, India can have fastest long-range missiles in two categories, providing full-fledged and multi-
layered aerial protection from hostile attacks.
 As per International Institute for Strategic Studies (IISS), this kind of propulsion system drastically
enhances the range with higher average speed.
 Its successful use in missiles will mark India’s entry into select club of nations that use next-generation
missile technology against manoeuvring targets, compromising effectiveness of conventional missiles.
 The Solid Fuel Ducted Ramjet is a missile propulsion system that includes a thrust modulated ducted
rocket with a reduced smoke nozzle-less missile booster.
 The system utilises a solid fuelled air-breathing ramjet engine.
 Officially, the technology is being developed to power future Indian air-to-air missiles. However, the
technology can also be applied to surface-to-air missiles.
Date: 06-Mar-2021 DNS Notes - Revision

         
Date: 06-Mar-2021 DNS Notes - Revision

4. UPSC Current Affairs:  Secrecy shrouds proposed cryptocurrency Bill: IAMAI | Page 10
UPSC Syllabus: Mains – GS Paper II- Polity & Governance
Sub Theme: Cryptocurrency | UPSC

What is Central Bank Digital Currency (CBDC)?

Firstly, It is a digital currency backed by the Central bank of a country. Just like currency notes issued by
the Central Bank, the CDBC is a legal tender and accepted for the payment of various transactions within
a country.
Secondly, unlike the cryptocurrencies, the CBDC is backed by the Central Bank and hence enjoy more
amount of stability and less volatility.
Thirdly, it is considered as "programmable money" . The Central Bank can enable the usage of CBDC for
certain selected users - either the people or only the Financial Institutions. If the CBDC is enabled to be
used by the people, it would be referred to as "Retail CBDC". So, just like how people use cash for day-
to-day transactions, they would also be allowed to use CBDC.
On the other hand, the CBDC can be enabled to be used only by the Financial institutions such as Banks,
NBFCs etc and in such case it would be referred to as "Wholesale CBDC". The CBDC can be used by
financial institutions for settling the transactions amongst them as well as for carrying out transactions
with the Central Bank. The people would not be allowed to use such wholesale CBDC.
Further, the CBDC is also referred as a programmable money because it can be programmed only for
certain selected transactions or they may be enabled in certain specific regions of the country only.
Lastly, just like cryptocurrencies, the CBDC works on Blockchain technology and hence details of every
transaction- amount, accounts involved, purpose etc. is recorded.
 
Benefits of CBDC:
The Subhash Chandra Garg Committee (2019) has recommended a ban on private cryptocurrencies on
account of concerns such as volatility, instability, security risk and risk of funding illegal activities.
However, the committee has highlighted that an official digital currency can have number of advantages
such as
 Promotes cashless society.
 Increase in Financial Inclusion
 Increase in effectiveness of Monetary Policy
 Push to development of Fintech sector
 Provide a real time picture of economic activity and hence better GDP estimates
and efficient monetary policy formulation.
 Traceability of transactions would crack down on corruption and money
laundering.
 Counter the monopoly of private sector issued cryptocurrencies.
 
Details about the Digital Currency issued in China
The Digital Currency issued in China is a programmed retail CBDC which would be used by the people for
certain selected transactions in the four Chinese cities. So, in a way, it is not yet a full-fledged digital
currency. It is still in experimental stage. Based upon the learning of pilot stage and its success, Chinese
Central Bank may decide to upscale the issuance of Digital currencies in future.
 
Experiments of CBDC in other Countries
Tunisia became one of the first countries in the world to issue a block chain based national currency
called eDinar also known as Digicash and BitDinar. Ecuador, which officially banned Bitcoin in 2014,
introduced SISTEMA de Dinero Electronico, its own digital currency. Venezuela has also launched its own
oil-based cryptocurrency to circumvent US sanctions that had adversely impacted the economy.
 
Date: 06-Mar-2021 DNS Notes - Revision

Issuance of CBDC in India

The Committee to study issues related to Virtual Currencies (2019) headed by Subhash Chandra Garg
has recommended that we need to have an open mind regarding the introduction of an official digital
currency in India. It recommended that, if required, a Committee may be setup to examine and develop
an appropriate model of digital currency in India. If such a digital currency is issued, RBI should be the
regulator.
The Draft National Blockchain Strategy tabled by the National Institute for Smart Governance has also
called for India to develop a Central Bank Digital Rupee.
Date: 06-Mar-2021 DNS Notes - Revision

5. UPSC Current Affairs:  Pochampally Sarees: India’s Cultural Heritage| Page 14

UPSC Syllabus: Prelims: Art & Culture
Sub Theme: Regional Textiles | UPSC

Pochampally sari

 Pochampally sari or Pochampalli ikat is a saree made in Bhoodan Pochampally, Yadadri Bhuvanagiri
district, Telangana State, India.
 They have traditional geometric patterns in Ikat style of dyeing. The intricate geometric designs find
their way into sarees and dress materials.
 The Indian government's official airplane company, Air India, has its cabin crew wear specially
designed Pochampally silk sarees.

Ikat
 Ikat (in Indonesian languages means "bind") is a dyeing technique originated from Indonesia used to
pattern textiles that employs resist dyeing on the yarns prior to dyeing and weaving the fabric.

GI Tag
 The famed Ikat style, whose creations include the attractive `Tie and Dye' and silk woven sarees from
Pochampally village, about 50 km from Hyderabad, has now been granted the Geographical Indication
(GI) status, giving it both protection and branding.
 Pochampally Ikat, will henceforth be the registered property of Pochampally Handloom Weavers'
Cooperative Society Ltd and the Pochampally Handloom Tie and Dye Silk Sarees Manufacturers
Association.
 It has been registered with the GI Registry, Chennai, under the Geographical Indication of Goods
(Registration and Protection) Act, 1999.