Cybercrime and security are serious concerns for which the government has to be prepared
The government has been grudgingly accepting India’s less-than-stellar cyber security capabilities in the wake of an investigative report published by the newspaper ‘The Tribune’ on January 4. The report exposed the flimsiness of India’s cyber security protocols in managing its citizen database, which is in the form of an ‘Aadhaar’ number linked to the individuals’ biometric and demographic data. Domestic criminals or external enemies may use this information for financial fraud or identity theft through a tactic known as social engineering in which they attempt to manipulate people on the phone or online to reveal confidential information such as passwords or bank details.
The government has maintained plausible deniability and initiated knee-jerk reactions to allay the country’s fears. The problem is lack of in-depth awareness of cyber security and a nebulous overarching policy by the government. In contrast, last year Chinese President Xi Jinping said that his country will push for the integration of the internet, big data and Artificial Intelligence (AI) with the economy to move up the value chain. The Chinese news agency Xinhua also reported that Beijing will be developing a USD2 billion AI park to fulfil its ambition to become a world leader in AI by 2025. Unsurprisingly, China’s new AI plan explicitly highlights an approach of military-civil fusion to ensure that advances in AI can be readily leveraged for national defence. The comparison with China is to simply illustrate our strategic policy hollowness.
The concern about network security is not just an elitist concern about individual privacy but a matter of utmost national security. The Central Electricity Authority (CEA) has warned of threats to smart grid systems in the country and requested for an ‘urgent’ need to develop a cyber security framework. In a report titled ‘Cyber Security in Power System’, the authority has recommended a slew of measures including improved standards to assess cyber security and multiple checks of all imported power equipment. The CEA said that it was necessary that the security establishment “have complete information about the mechanism of protecting critical infrastructure like power sector, its crisis management plan and command structure and procedures to follow in case of an emergency due to cyber security threat.”
The government has not completely ignored the necessity of cyber structures as it furiously promotes ‘Digital India’ and aims to move governance models online. The Ministry of Electronics and Information Technology (MeitY) in January 2018 launched the ‘Cyber Surakshit Bharat’ initiative in association with National e-Governance Division (NeGD) and industry partners to spread awareness about cybercrime and building capacity for safety measures for Chief Information Security Officers (CISO) and frontline IT staff across all government departments. The home ministry has also pitched that the country reconsiders its position on becoming a member of the Budapest Convention. The Convention, which has 56 members, provides for the criminalisation of conduct, ranging from illegal access, data and systems interference to computer-related fraud and child pornography, procedural law tools to make investigation of cybercrime, securing of e-evidence in relation to any crime more effective, and international police and judicial cooperation on cybercrime and e-evidence. Home minister Rajnath Singh, who had announced the setting up of Indian Cyber Crime Coordination Centre (I4C) in 2016, has now set a deadline of February 2018 to operationalise it. I4C will be set up under the newly created Cyber and Information Security (CIS) division of the MHA and will have four wings, namely security clearance, cybercrime prevention, cyber security, and information security.
You must be logged in to view this content.