IN THE FACE OF RISING CYBER-ALERTS, INDIA ENTERS ACTIVE CYBER-THREAT PREVENTION MODE
The cyber threats and vulnerabilities in the Indian ecosystem have only grown over time. Following the severity of cyberattacks, India’s top cyber security agency CERT-In has issued alerts and advisories to protect computers and networks on a regular basis.
As a part of formulating draft National Cyber Security Strategy 2021 (NCSS2021), the government had empanelled 58 security auditing organisations to support and audit implementation of Information Security Best Practices (ISBP).
Nearly 15 training programs were conducted in 2020 and 10 until June 2021, to address the issues of security of national cyberspace. Regular training programs for network or system administrators and Chief Information Security Officers (CISOs) were also conducted by CERT-In.
A data revealed that the country observed nearly 6.07 lakh cyber security incidents in the first half of 2021. The government has taken a number of measures to enhance the cyber security posture and prevent cyber attacks. These measures would not only ensure the accountability of digital platforms to users but prescribe additional due diligence to the social media parties as well.
The National Cyber Coordination Centre (NCCC) to make people aware about the potential cyber security threats has been setup by the government. For detecting and responding purposes, a Security Monitoring Centre (SMC) is also in place at the National Informatics Centre (NIC).
Meanwhile, the Indian government is operating a ‘Cyber Swachhta Kendra’ (Botnet Cleaning and Malware Analysis Centre) for detection and removal of malicious programs. A crime reporting portal, called www.cybercrime.gov.in is enabled for the public that can report cybercrime incidents against women and children.
India’s offensive cyber capabilities are also on the build. The sharp increase in Chinese activity against Indian networks and constant disinformation campaigns from the neighbouring adversary Pakistan has brought a shift in India’s cyber approach. India is partnering with private actors and threat groups, to mitigate the steady growth in cyberattacks.
In view of cyberpower, India is not as developed as China, which is also “substantially below the combined cyber power of the US network of alliances”. In terms of the strategy, governance and control of cyber capabilities, core cyber-intelligence capability, cyber empowerment and dependence, cyber security and resilience, global leadership in cyberspace affairs, and offensive cyber capability, India ranks in third tier countries.
Despite the ranking, India is managing to deal with the “significant weaknesses” in other parameters with the help of private firms providing cyber offensive and cyber-intelligence services. Indian APT groups like Dark Basin, SideWinder, Viceoy Tiger, APT C-35 and companies like Phronesis, Aglaya, Srivastava Group are playing an important role in strengthening the country’s offensive cyber front. Meanwhile, firms like ClearTrail Technologies, Shoghi Communications, CyberRoot Risk Advisory Group etc. have risen to prominence as a provider of intelligence services in India.
The “geo-strategic instability” in the region and a “keen awareness” of the cyber threat from the neighbouring adversaries has brought into light the “slow and incremental” progress of cyber governance in India. Therefore amid growing cyber alerts, India’s clear focus is on improving the cyber-intelligence and cyber offensive capabilities by partnering with the private actors and regional allies to create an active cyber threat prevention mode.