
Saturday, 07 July 2018 11:45

INDIA’S CYBER SECURITY: ARCHITECTURE AND IMPERATIVES

The rapid and unprecedented growth of Information and Communication Technologies (ICT) and media, with its speedy and all-pervasive penetration, has ushered in the digital age. Not only has it brought the world together through globalisation, it has also become the driver of economic growth. Technology and information are the new normal of this digital transformation. This transition from an industrial to an information era has also ushered in a new security paradigm, with new threats to both national and human security. With large-scale automation, technology and connectivity, the developed nations are enjoying a much better quality of life. There exists a definite digital divide amongst the developed, developing and poor nations. This digital divide, coupled with the rising aspirations of the people, accentuated by religious beliefs and cultural issues, and technology denial, has created serious security issues: new threats by way of cyber-crimes, cyber terrorism, cyber espionage and even cyber war have emerged, making cyber security a strategic imperative at the national, regional and international levels.

Cyber Espionage

The Internet has become a very powerful source for intelligence collection in support of national, diplomatic, military, technology or economic objectives. It is estimated that more than 90 percent of “open source intelligence” is being obtained from the cyber world. It is economical and safe. Cyber espionage is also being used for technology theft and for launching probing missions on critical infrastructure for possible exploitation later. The fact that the attack vectors for cyber espionage and cyber war are the same makes cyber espionage a major threat in being.

Cyber Terrorism

Targeted attacks on a nation’s critical infrastructure, like military installations, power plants, air traffic control, surface transport traffic control and telecommunication networks, would be considered part of cyber terrorism. These are low-level, “short of war” attacks which would cripple part of a critical infrastructure or adversely affect the functioning of a business. These attacks are not large enough to warrant a military response, but they have the potential to inflict enough damage that numerous attacks over a long period of time could harm the economy, complicating a policymaker’s calculus for determining an appropriate response.

Social Media

Social media platforms like Facebook, Twitter and LinkedIn have emerged as powerful tools for perception management, social engineering, cyber-crimes and intelligence. They have also emerged as a major instrument for waging “Asymmetric Warfare” through exploitation of the aspirations of people, differential development, varying religious beliefs and cultural leanings.

Cyber Warfare

Nations across the world have pronounced their doctrines of cyber warfare, have raised organisations to conduct cyber warfare and are busy making and testing cyber weapons. The USA is reported to have used “logic bombs” in Afghanistan and Syria to effectively neutralise their communication networks.

The Indian Scene

India is very vulnerable to cyber interventions due to certain strategic deficiencies, inadequate appreciation of the threat, and rather tardy and disjointed implementation of policies.

India’s cyber security chief Gulshan Rai told Parliament’s finance standing committee in July 2017 that cyber threats had evolved swiftly from viruses and “nuisance” attacks in the early 2000s to sophisticated malware and advanced denial of service, and could pose the risk of severely destructive attacks by 2020. India will face increasingly sophisticated “destructive” cyber threats, as compared to the “disruptive” attacks in the Indian cyberspace that are currently adding up to 200 million malware-related and 190,000 “unique” intrusions in any given week.

Other sectors high on the priority list of cyber criminals are banking, energy, telecom and defence, which, along with the government, account for three-fourths of all cyber-attacks. The emergence of new services and apps, cloud and cognitive technologies has made cyber security more challenging even as the value of data and its applications in commerce grows by the day, making cyber security a major task.

India is setting up its own ‘cyber security architecture’ that will comprise the National Cyber Coordination Centre (NCCC) for threat assessment and information sharing among stakeholders; the Cyber Operation Centre, jointly run by the NTRO and the armed forces, for threat management and mitigation for identified critical sectors and defence; and the National Critical Information Infrastructure Protection Centre (NCIIPC) under the NTRO for providing cover to ‘critical information infrastructure’. Concurrently, the government is also coming up with a legal framework to deal with cyber security, has launched a drive for creating greater awareness of this threat, and is creating the necessary human resources with the requisite skills. Major cyber security projects under implementation are given in the succeeding paragraphs.

Botnet Cleaning and Malware Analysis Centre

India has the largest number of botnets in the world. To obviate and limit the threat due to botnets, the Government has recently set up a Botnet Cleaning and Malware Analysis Centre. The project is a part of the Digital India programme and aims to create a safe and secure cyberspace. It will automatically detect botnets that trigger various cybercrimes and advise device owners to remove them from their devices with the Centre’s help.

Central Monitoring System (CMS)

The Central Monitoring System, the Union Government’s ambitious electronic intelligence monitoring system, is likely to start functioning fully by this year-end. According to Ministry of Home Affairs officials, the hi-tech unit, which will provide law enforcement agencies with unhindered real-time access to phone calls, text messages and social media conversations, will have two units in the inaugural phase, in Delhi and Bangalore.

National Critical Information Infrastructure Protection Centre (NCIIPC)

Grid Security Expert System (GSES)

The objective of the GSES is the implementation of the Automatic Defence Mechanism to facilitate reliable and secure grid operation.

Crisis Management Plan

India has prepared a Crisis Management Plan (CMP) for countering cyber-attacks and cyber terrorism, to prevent large-scale disruption in the functioning of the critical information systems of Government, public and private sector resources and services. The CMP outlines a framework for dealing with cyber-related incidents: rapid identification, swift response and remedial actions to mitigate and recover from incidents impacting critical national processes.

Network Traffic Analysis System

This is a monitoring and electronic surveillance project being executed by the DRDO. It appears to be the Indian government’s first attempt at mass surveillance rather than surveillance of individual targets. It will scan activity on social networking websites like Twitter, and would scan mails, chat transcripts and even voice in Internet traffic.

The above efforts are aligned towards developing a cyber defence capability. There is no information in the open domain regarding the development of cyber offensive capabilities and their integration.

Imperatives

India needs a national-scale effort supported by political will, adequate funding, contemporary technology and skilled people to realise the necessary cyber security capability. These imperatives would require synergy amongst various ministries and agencies through an appropriate policy framework and organisation, and must be executed concurrently. Some of the essential imperatives are given in the succeeding paragraphs.

Establish a National Cyber Security Commission (NCSC): a fully empowered body with its own department, on the lines of the Space Commission and the Atomic Energy Commission. The country needs to build thought leadership and weave together India’s potential in cyber security under one organisation. The NCSC will have the onerous tasks of creating synergy amongst various stakeholders through an enabling policy framework, and of developing technology, manpower, industry clusters, education standards and certification, intelligence and counter-intelligence mechanisms, cyber forensics, security standards and policy research. It will also coordinate with all ministries for National Critical Information Infrastructure (NCII) in their areas. It will play a catalytic role for the requirements of the military in cyber warfare.

The National Cyber Security Policy 2013 needs to be revisited urgently in light of the rapid pace of technology development and a very dynamic threat scenario. This policy should be translated into a time-bound action plan in consonance with the national cyber security doctrine, and should clearly specify the responsibility for its execution and accountability. The policy, action plan, organisation and assured budgetary support must be discussed and approved by Parliament.

Develop Cyber War Capability:

India urgently needs to develop policies and capabilities in this ‘Fifth’ domain of war. These cannot wait and must be taken up as a topmost priority in “Mission Mode” by the Services. The situation and threats to India are unique, and hence it is necessary to develop an indigenous solution in consonance with the doctrine, to include organisation, technology, skill sets, training infrastructure and R&D. Immediate raising of an Indian Cyber Command is a national strategic imperative.

Cyber Policy Research Centre:

There is no think tank that is studying the policies and documents being produced by groupings of governments, industry, civil society, academia, interested organisations and international policy-making organisations. Thousands of pages are being churned out, which require deeper understanding through analysis and discussion to decide what is in India’s interest. We are unable to address policy as well as operational issues due to the lack of focused studies. Numerous NGOs created at the behest of foreign governments are obfuscating policy discussions to derail national positions. Also, as technology evolves, a large amount of cyber security research and policy requires timely revision.

Cyber Threat Intelligence Centre:

India needs to have cyber analysis centres which collect attack data on various infrastructures, financial systems, web sites and services, and correlate “big data” generated from government with financial and commercial data to create patterns and suggest anomalies for advance preventive actions.

Cyber Workforce Development:

There is an urgent requirement for a national plan to develop a cyber security workforce and an associated cadre. NCSP 2013 has set a target of five lakh skilled cyber resources in the non-formal sector for cyber security, and also to exploit the business opportunity of providing services to global customers, by 2018. India must also lay emphasis on developing a “Science of Cyber Security”.

R&D for Product Development:

India needs focused R&D in the development of safe products, discovery and analysis of vulnerabilities, fixing attribution and design of cyber weapons. Manufacturing and export of cyber security products present a very attractive opportunity for India.

Security Standards and Frameworks, Audit:

India needs to develop and promulgate cyber security standards and frameworks for development, and audit processes for assurance of protection of our NCII. Enabling policy measures are required to encourage the establishment of testing labs for managing ICT supply chain risks.

Cyber-crime investigations:

There is an urgent need for development and continual upgradation of the cyber forensics capabilities and investigating skills of our law enforcement agencies (LEAs), to handle cyber-crimes amid the ever-expanding proliferation of devices, platforms, big data, Internet of Things, mobility and social media.

Build Thought Leadership, Executive/ Political Sponsors:

Build cyber-security-savvy leadership, subject matter experts, solution architects and system engineers, so as to address the inadequate comprehension of the lack of cyber security capability and its bearing on national security, including the military dimension.

Leveraging Diaspora:

The Indian diaspora is at the forefront of building security technologies, platforms and solutions across world-class institutions and industry in the USA and Europe. They can be the biggest catalyst in building cyber security capability. Proactive and aggressive steps should be taken to leverage the diaspora.

Outreach Programme to Attract Industry:

The Government needs to make it attractive for the private sector to invest in capability building through innovative mechanisms, such as funding the development of new technologies, committing to buy from partner companies, etc. Both the government and industry must recognise the multibillion-dollar opportunity in cyber security related products and services, and cash in on this through a focused and proactive approach, as was done for IT.