- Cyber Security is protecting cyber space including critical information infrastructure from attack, damage, misuse and economic espionage.
- Cyber Space: A global domain within the information environment consisting of the interdependent network of information technology infrastructures, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers.
- Critical Information Infrastructure: According to Section 70(1) of the Information Technology Act, CII is defined as a “computer resource, the incapacitation or destruction of which, shall have direct impact on national security, economy, public health or safety”.
- Cyber Attack: It is a malicious and deliberate attempt by an individual or organization to breach the information system of another individual or organization.
Purpose behind Cyber Attacks
- To seek commercial gain by hacking banks and financial institutions.
- To attack critical assets of a nation.
- To penetrate into both corporate and military data servers to obtain plans and intelligence.
- To hack sites to virally communicate a message for some specific campaign related to politics and society.
Types of Cybercrime
Let us now discuss the major types of cybercrime −
Hacking
It is an illegal practice by which a hacker breaches someone’s computer security system for personal interest.
Mass surveillance means surveillance of a substantial fraction of a group of people by the authorities, especially for security purposes, but if someone does it for personal interest, it is considered cybercrime.
It is one of the most heinous crimes that is practiced across the world. Children are sexually abused and videos are being made and uploaded on the Internet.
It is the practice of establishing an emotional connection with a child especially for the purpose of child-trafficking and child prostitution.
If someone infringes someone’s protected copyright without permission and publishes the work under his own name, it is known as copyright infringement.
Illegal possession of money by an individual or an organization is known as money laundering. It typically involves transfers of money through foreign banks and/or legitimate businesses. In other words, it is the practice of transforming illegitimately earned money into the legitimate financial system.
When a hacker hacks someone’s email server, or computer system and demands money to reinstate the system, it is known as cyber-extortion.
Normally, when someone hacks a government’s security system, or intimidates a government or a similarly large organization to advance his political or social objectives by invading the security system through computer networks, it is known as cyberterrorism.
Types of Cyber Attacks
- Malware: Short for malicious software, malware refers to any kind of software that is designed to cause damage to a single computer, server, or computer network. Ransomware, spyware, worms, viruses, and Trojans are all varieties of malware.
- Phishing: It is the method of trying to gather personal information using deceptive e-mails and websites.
- Denial of Service attacks: A Denial-of-Service (DoS) attack is an attack meant to shut down a machine or network, making it inaccessible to its intended users. DoS attacks accomplish this by flooding the target with traffic, or sending it information that triggers a crash.
- Man-in-the-middle (MitM) attacks, also known as eavesdropping attacks, occur when attackers insert themselves into a two-party transaction. Once the attackers interrupt the traffic, they can filter and steal data.
- SQL Injection: SQL (pronounced “sequel”) stands for Structured Query Language, a programming language used to communicate with databases. Many of the servers that store critical data for websites and services use SQL to manage the data in their databases. A SQL injection attack specifically targets such servers, using malicious code to get the server to divulge information it normally wouldn’t.
- Cross-Site Scripting (XSS): Similar to an SQL injection attack, this attack also involves injecting malicious code into a website, but in this case the website itself is not being attacked.
- Social engineering is an attack that relies on human interaction to trick users into breaking security procedures in order to gain sensitive information that is typically protected.
- WannaCry: It was a ransomware attack that spread rapidly in May 2017. The ransomware locked users’ devices and prevented them from accessing data and software until a certain ransom was paid to the criminals. Top five cities in India (Kolkata, Delhi, Bhubaneswar, Pune and Mumbai) were impacted by it.
- Mirai Botnet: Mirai is malware that infects smart devices.
Kudankulam Nuclear Power Plant Case
- An independent cybersecurity expert informed the National Security Council secretariat about a potential malware attack on the Kudankulam Plant on September 4, 2019.
- The malware used was identified as DTrack, a signature of the North Korean hacker group,
- The Nuclear Power Corporation of India Ltd (NPCIL) claimed that the malware hit a non-critical “administrative computer” that was connected to the Internet, but not to the Nuclear Power Plant Control System.
- However, there is no clear indication what the said system contained, and whether valuable information stored in it could be harvested for more complex spear-phishing attacks against the NPCIL in the future.
Cyber security is the activity by which information and other communication systems are protected from and/or defended against unauthorized use, modification, exploitation or even theft.
Likewise, cyber security is a well-designed technique to protect computers, networks, different programs, personal data, etc., from unauthorized access.
All sorts of data, whether government, corporate, or personal, need high security; however, some data, such as that belonging to the government defense system, banks, defense research and development organizations, etc., are highly confidential, and even a small amount of negligence with such data may cause great damage to the whole nation. Therefore, such data need security at a very high level.
How to Secure Data?
In order to make your security system strong, you need to pay attention to the following −
- Security Architecture
- Network Diagram
- Security Assessment Procedure
- Security Policies
- Risk Management Policy
- Backup and Restore Procedures
- Disaster Recovery Plan
- Risk Assessment Procedures
Components of Cyber Security
- Application Security: It encompasses measures or counter-measures that are taken during an application’s development process to protect it from threats that can come through flaws in the app design, development, deployment, upgrade or maintenance.
- Information Security: It is related to the protection of information from unauthorized access to avoid identity theft and to protect privacy.
- Network Security: It includes activities to protect the usability, reliability, integrity and safety of the network.
- Disaster Recovery Planning: It is a process that includes performing risk assessment, establishing priorities, developing recovery strategies in case of an attack.
Need for Cyber Security
- For Individuals: Photos, videos and other personal information shared by an individual on social networking sites can be inappropriately used by others, leading to serious and even life-threatening incidents.
- For Business Organizations: Companies have a lot of data and information on their systems. A cyber-attack may lead to loss of competitive information (such as patents or original work) and loss of employees’ or customers’ private data, resulting in complete loss of public trust in the integrity of the organization.
- For Government: A local, state or central government maintains a huge amount of confidential data related to the country (geographical, military strategic assets etc.) and its citizens. Unauthorized access to the data can lead to serious threats to a country.
- The International Telecommunication Union (ITU) is a specialized agency within the United Nations which plays a leading role in the standardization and development of telecommunications and cyber security issues.
- Budapest Convention on Cybercrime: It is an international treaty that seeks to address Internet and computer crime (cybercrime) by harmonizing national laws, improving investigative techniques, and increasing cooperation among nations. It came into force on 1 July 2004. India is not a signatory to this convention.
- Internet Governance Forum (IGF): It brings together all stakeholders, i.e. government, private sector and civil society, on the Internet governance debate. It was first convened in October–November 2006.
- Internet Corporation for Assigned Names and Numbers (ICANN): It is a non-profit organization responsible for coordinating the maintenance and procedures of several databases related to the namespaces and numerical spaces of the Internet, ensuring the network’s stable and secure operation. It has its headquarters in Los Angeles, U.S.A.
Laws related to Cyber Security in India
Information Technology Act, 2000
- The act regulates use of computers, computer systems, computer networks and also data and information in electronic format.
- The act lists, among other things, the following as offences:
- Tampering with computer source documents.
- Hacking with computer system.
- Act of cyber terrorism i.e. accessing a protected system with the intention of threatening the unity, integrity, sovereignty or security of the country.
- Cheating using computer resource etc.
Strategies under National Cyber Policy, 2013
- Creating a secure cyber ecosystem.
- Creating mechanisms for security threats and responses to the same through national systems and processes.
- National Computer Emergency Response Team (CERT-in) functions as the nodal agency for coordination of all cyber security efforts, emergency responses, and crisis management.
- Securing e-governance by implementing global best practices, and wider use of Public Key Infrastructure.
- Protection and resilience of critical information infrastructure with the National Critical Information Infrastructure Protection Centre (NCIIPC) operating as the nodal agency.
- NCIIPC has been created under Information Technology Act, 2000 to secure India’s critical information infrastructure. It is based in New Delhi.
- Promoting cutting edge research and development of cyber security technology.
- Human Resource Development through education and training programs to build capacity.
- Increased use of mobile technology and internet by people.
- Proliferation of Internet of Things (IoT) and lack of proper security infrastructure in some devices.
- Cyberspace has inherent vulnerabilities that cannot be removed.
- Internet technology makes it relatively easy to misdirect attribution to other parties.
- It is generally seen that attack technology outpaces defence technology.
- Lack of awareness on Cyber security.
- Lack of Cyber security specialists.
- Increased use of cyberspace by terrorists.
Recent Steps taken by Government
- Cyber Surakshit Bharat Initiative: It was launched in 2018 with an aim to spread awareness about cybercrime and building capacity for safety measures for Chief Information Security Officers (CISOs) and frontline IT staff across all government departments.
- National Cyber security Coordination Centre (NCCC): In 2017, the NCCC was developed. Its mandate is to scan internet traffic and communication metadata (which are little snippets of information hidden inside each communication) coming into the country to detect real-time cyber threats.
- Cyber Swachhta Kendra: In 2017, this platform was introduced for internet users to clean their computers and devices by wiping out viruses and malware.
- Training of 1.14 Lakh persons through 52 institutions under the Information Security Education and Awareness Project (ISEA) – a project to raise awareness and to provide research, education and training in the field of Information Security.
- International cooperation: Looking forward to becoming a secure cyber ecosystem, India has joined hands with several developed countries like the United States, Singapore, Japan, etc. These agreements will help India to challenge even more sophisticated cyber threats.