GS 3 – Challenges to Internal Security through Communication Networks, Role of Media and Social Networking Sites in Internal Security Challenges, Basics of Cyber Security
Source: The Hindustan Times dated 21/05/2021 https://www.hindustantimes.com/opinion/cyber-attacks-on-critical-infrastructure-is-india-ready-101621514744151.html
Context : Last week, a major cyber attack crippled one of the largest pipelines in the United States (US), Colonial Pipeline, which carries about 45% of all fuel consumed on the country’s East Coast.
The shutdown led to the US federal government declaring a regional emergency to allow transportation of fuels through tanker trucks to tide over the impact of shortages.
What is a Ransomware attack?
- A ransomware attack is a cyberattack using malware that encrypts the victim’s files and requires users to pay a ransom to decrypt the files.
- This type of attack takes advantage of human, system, network, and software vulnerabilities to infect the victim’s device—which can be a computer, printer, smartphone, wearable, point-of-sale (POS) terminal, or other endpoint.
- One infected user can result in a data lockout for all users(illustrated below)
What is a critical infrastructure?
- Critical information infrastructure is communications or information service whose availability, reliability and resilience are essential to the functioning of a modern economy, security and other essential social values.
- Critical information sectors in India include Power, ICT/Communication, Finance/Banking, Transport and egovernance.
Other notable attacks targeting critical infrastructure and businesses
- The 2010 Stuxnet attack on Iranian nuclear reactor
- The 2017 WannaCry and NotPetya ransomware attacks
- The 2015 attack on Ukrainian power grids
- Ireland’s health service operator shut down all its IT systems last week to protect them from a significant ransomware attack the government said was carried out by an international cyber crime gang.
Attacks on India
- The NotPetya attack had infected computer network of Maersk, the world’s largest shipping company. That infection led to further disruption of terminal operations, most prominently of APM Terminals Mumbai, at the Jawaharlal Nehru Port Trust, India’s biggest container port. This disruption further delayed cargo deliveries and interrupted global supply chains.
- A part of a network in India’s largest civil nuclear facility, the Kudankulam Nuclear Power Plant (KNPP) in Tamil Nadu, was breached in 2019
- In 2020, a China-linked hacker group RedEcho targeted India’s power sector, ports and parts of the railway infrastructure, affecting Mumbai.
Other types of cyberattacks
Everyday, 4 lakh malware are found and 375 cyber-attacks are witnessed, on an average according to National Cyber Security Coordinator.
Impacts of cybercrimes
- A Cybersecurity Ventures report further said that the estimated cybercrime costs of $10.5 trillion a year are larger than the “damage inflicted from natural disasters” globally.
- Cyber attacks in India caused financial damages to the tune of about USD 500,000 to Indian companies in the last 12-18 months.
India ranks 3rd in terms of number of internet users after USA and China. By 2020, India is expected to have 730 million internet users with 75% of new users from rural areas.
- NCIIPC(established in 2014)
- the nodal agency to work with the public and private sectors for plugging gaps in their critical infrastructure systems.
- Provides detailed operational and technical guidelines for critical infrastructure operators to secure their systems.
- Brings out the Common Vulnerabilities and Exposures reports, which alert operators on incoming threats.
- Dedicated CERTs (CERT-Thermal, CERT-Hydro, CERT-Transmission) disseminate information about cyber incidents in the power sector.
- National cyber coordination centre (NCCC) to scan internet traffic coming into the country and provide real time situational awareness and alert various security agencies.
- Indian Cyber Crime Coordination Centre (I4C): It aims to combat cybercrime in the country, in a coordinated and effective manner
- Ministry of Defence formed Defence Cyber Agency in the realm of military cyber security.
- National Information Centre Computer Emergency Response Team (NIC-CERT) to prevent and predict cyber-attacks on government utilities.
- Information Technology Act, 2000 (amended in 2008) to provide a legal framework for transactions carried out by means of electronic data interchange, for data access for cybersecurity etc.
- National Cyber Security Policy 2013
- Inhibition in the private (and public) sector to share information about the vulnerability of their systems.
- Businesses fear exposing themselves and losing a competitive edge over rivals.
- Critical infrastructure operators have resorted to plugging the security gaps in their systems whenever faced with a cyberattack or data breach
- This reticent approach of operators and businesses is tactical and short-term, overlooking the possibility of concerted cyber warfare by adversarial States against India.
- Any solution to counter the risk of increasing cyberattacks involves sharing responsibility through a public-private partnership for critical infrastructure protection.
- Cyber Surakshit Bharat Initiative to strengthen cybersecurity ecosystem in India- first public private partnership of its kind and will leverage the expertise of the IT industry in cybersecurity.
- Establishing cyber insurance framework: Currently the average cost of a cyber insurance in India is around $7.5 million which in comparison to developed countries is about 20-25% lesser.
- Updation of cyber security policy
- Cloud Access Security Brokers (CPAB)- can act as intermediaries between users and cloud service providers and could “give teeth” to an overall cybersecurity strategy.
Budapest convention on cybercrime This convention of the council of Europe is the only binding international instrument on this issue that addresses Internet and computer crime by harmonizing national laws, improving legal authorities for investigative techniques, and increasing cooperation among nations. The Convention has 56 members, including the US and the UK. India is not yet a member.
In light of the attack on the Colonial Pipeline in the US, India’s oil and gas PSUs are making efforts to beef up security, and organisations managing critical infrastructure such as pipelines and refineries are required by the government to implement certain security measures.
In addition to that, the institution of National Cybersecurity Coordinator (NCC) may be strengthened to bring about much-needed synergy among various institutions and work out a coordinated approach to cyber security, including cyber deterrence.