Ads

Ads
Center Of Excellence (CoE) For Internet Of Things (IoT) In India

Wednesday, November 7, 2012

Offensive And Defensive Cyber Security Capabilities Of India

There are many glaring cyber security problems of India and challenges and the chief among them is to protect the critical infrastructure of India that is dependent upon information technology. Cyber security issues in India like cyber warfare, cyber terrorism, cyber espionage, critical infrastructure protection, etc cannot be ignored by Indian government any more.

The cyber security reflections of India have not shown a good picture about India. We have no dedicated cyber security laws in India as well. Indian critical infrastructures are vulnerable to cyber attacks and we must ensure sufficient cyber security for the same. We at Perry4Law Techno Legal Base (PTLB) are managing some very effective techno legal cyber security in initiatives in India.


Maintaining cyber security at the international level is a tedious task. This is so because cyberspace does not recognizes any boundary and cyber attacks can be launched from any part of the world. While cyber attacks upon various computer systems and computer resources are cause of concern yet cyber attacks upon critical infrastructures is of grave concern.

Meanwhile, India is increasingly facing cyber attacks and cyber threats from foreign nationals. Cyber terrorism against India, cyber warfare against India, cyber espionage against India and cyber attacks against India has already increased a lot. Even the cyber law trends of India 2012 by various sources have also projected an increased rate of cyber crimes in India and cyber attacks against India in the year 2012.

The biggest cyber threat against India is originating in the form of cyber attacks upon Indian critical infrastructures. Critical infrastructure protection in India requires a well formulated policy. Presently we have no critical infrastructure protection policy of India. Further, critical ICT (Information and Communication Technology) infrastructure protection in India  is one area that requires special attention of Indian government.

In the present interconnected world, cyber security capabilities of India must be urgently developed. In fact, Indian critical infrastructure and cyber security challenges and issues have assumed so much significance that Indian government declared the establishment of National Critical Information Protection Centre (NCIPC) of India. It intends to ensure critical infrastructure protection and critical ICT infrastructure protection in India. 

This is a good beginning and we at PTLB welcome this initiative of Indian government. At the same time we would keep on strengthening the techno legal cyber security capabilities of India from time to time.  

Why Indian Critical Infrastructure Are Vulnerable To Cyber Attacks?

In the present interconnected world, cyber security capabilities of India must be urgently developed. In fact, Indian critical infrastructure and cyber security challenges and issues have assumed so much significance that Indian government declared the establishment of National Critical Information Protection Centre (NCIPC) of India.

The best way to ensure critical infrastructure protection in India is to make it a part of national cyber security policy of India. Various cyber security issues of India must also be part of such cyber security policy of India. Further, besides energy, defense, transportation and telecommunication, the financial sector which includes banks and stock exchanges must be suitably protected in India. Unfortunately, till now cyber security challenges of India remain unredressed.

The reliance of consumers and businesses on the cyberspace and interconnected networks would continue to increase. Critical industries like electric, water, oil and natural gas, transportation, automotive, and aerospace are increasingly dependent upon Industrial Control Systems like Supervisory Control And Data Acquisition (SCADA).

In fact, SCADA has become the new cyber attacks battlefield against India. An attack upon SCADA is essentially an attack upon the critical infrastructure of a nation. The SCADA systems may involve a human machine interface (HMI), a supervisory system managing the processes, remote terminal units (RTUs) interacting with the supervisory systems, programmable logic controller (PLCs) usable as field devices, etc.

Initially, running on proprietary control these have evolved with the availability of low-cost Internet Protocol (IP) devices, thus increasing the possibility of cyber security vulnerabilities and incidents.

The arrival of technology and augmented accessibility of broadband connectivity together with smart phones have eased the way in which consumer interacts and transacts online. Moreover, with the mass use of e-governance applications under the mission mode projects (MMPs) where citizen services are being provided online, human rights protection in cyberspace of digital citizens (netizens) must be ensured. This has resulted in the emergence of some very unique “Digital Issues” that were not available before the traditional governmental functioning.

Businesses are trying to cater this digital citizen by providing a whole host of applications operating at various platforms through various channels. Cyber security of these platforms, channels and applications are utmost important for the government and industry to ensure trust in the customer.

We must focus on the national cyber security elements- Framework, Machinery, Responsibility and Operations for all the critical information sectors like power, energy and finance. Suitable deliberations must take place with cyber security stakeholders of India on operating technologies like smart grid and industrial control system; the security and privacy imperatives of e-commerce, m-commerce and e-governance application and platforms. The cyber security ramifications at the global level must also be analysed. If Indian government is willing to protect t its critical infrastructures all these issues must be kept in mind.

Wednesday, October 31, 2012

The Glaring Cyber Security Problems Of India

It is very difficult to predict the future cyber security issues in India or in other nations. Even it is very difficult to analyse all the cyber security issues, challenges and problems of India and other jurisdictions.

However, one thing is for sure. Cyber security challenges in India are going to increase with the advent of sophisticated malware like Stuxnet, Duqu, Flame, Shamoon, etc. These customised malware are targeting the critical infrastructures around the world. To tackle these malware, cyber security capabilities in India must be strengthened.

If we analyse the cyber security reflections of India the position is really worrisome. The cyber law, cyber crimes and cyber security trends by Perry4Law and Perry4Law’s Techno Legal Base (PTLB) have marked many shortcomings of Indian cyber security capabilities.

Critical infrastructure protection in India is not in a very good shape. We have no critical ICT infrastructure protection policy of India as well. The critical infrastructures around the world like power grids, nuclear facilities, satellites, defense networks, governmental informatics infrastructures, etc are vulnerable to known and unknown malware.

According to cyber security experts cyber attacks are affecting Indian critical infrastructure and we are not even aware of the same. Critical infrastructure protection in India is needed as soon as possible.

India must develop both offensive and defensive cyber security capabilities that must be robust enough to detect and nullify cyber warfare against India, cyber terrorism against India, cyber attacks against India, cyber espionage against India, etc.

The national imperatives of securing operational technologies like smart grids, oil and gas, public utilities, etc are too essential to be ignored by Indian government. Today protecting key economic assets like securing financial backbone and stock exchange, payment infrastructures and financial switches is need of the hour. This includes architecting security for new age banking to make them cyber secure. Cyber security of banks in India is still deficient.

The business community must also keep in mind the cyber law due diligence requirements in India. Cyber due diligence for Indian companies is now a statutory obligation and failure to observe cyber due diligence can bring serious legal ramifications. Ensuring business models, technology transformations and channel revolutions in the midst of organised, focused, advanced and persistent cyber threats is not an easy task.

With the growth of enterprise mobility, mobile applications and cloud enablement data driven businesses, techno legal issues have become more prominent. Social networking platforms have further complicated the scenario.
The Internet is truly global in nature and regional and national regulations and efforts cannot bring the desired results. Cyber law and cyber security issues are global in nature. Indian response to international cyber law treaty is not pro active. International cyber law treaty is required to be formulated as soon as possible.

Similarly, cyber security framework must ensure both national responsibility and global accountability. Any cyber diplomacy must congregate both national and international interests to be effective and enforceable. Thus, an international cyber security treaty is required to be formulated as well.

With a growing focus upon electronic delivery (e-delivery) of services in India additional responsibilities of securing technology transformation of governance must be ensured. The e-governance projects of India would bring cyber security challenges for which we need readymade solutions.
           
Similarly, cyber security enablement of growing electronic and mobile commerce would also be required. With the projected increase in volume and growth of commerce and e-commerce in India, cyber security as enabler must be ensured.


The management of consumer rights and business responsibilities in the information age is not an easy task. For instance, the present telemarketing policy of India is anti consumer. Similarly, the telecom dispute resolution process in India is also anti consumer.

The future of cyber security in India is tough to manage. The sooner we start working in this direction on ground level and actual basis the better it would be for the larger interest of India.

Sunday, October 28, 2012

Indian Cyber Security Problems, Issues and Challenges Management

Cyber security initiatives of India have started gaining momentum. However, cyber security initiatives in India in India are still deficient on many aspects. After all, managing India’s cyber security problems, issues and challenges is not an easy task. In these circumstances establishment of the national cyber security database of India (NCSDI) assumes great cyber security significance. The cyber security research and development centre of India (CSRDCI) is also a timely initiative.

Undoubtedly, there are many cyber security issues of India that have still been left unattended. The cyber security issues and challenges in India require urgent attention of Indian government as we have already delayed this process.

India is facing cyber threats from cyber terrorism, cyber warfare, cyber espionage, etc and we must develop both offensive and defensive cyber security capabilities in India. India is also facing continuous and serious cyber threats that have been endangering the critical infrastructures of India. In these circumstances, there is an urgent need to strengthen critical infrastructure protection in India. We cannot achieve this task without ensuring cyber security skills development in India.

Concerns regarding insufficient cyber security in India have been raised for long but the Indian government remained indifferent to cyber security of India for long. However, some committed and dedicated private players have been playing a pro active role in strengthening the cyber security of India.


Another major lacuna in the cyber security field is absence of implementable cyber security policy of India. Till various cyber security declarations and promises are actually implemented, they are of no use. As on date we have no implementable national cyber security policy of India.

Even basic level techno legal frameworks are missing in India. For instance, we have no dedicated cyber security laws in India. We also do not have dedicated encryption laws and regulations in India. Even Legal Framework For Mandatory E-Governance In India And Legal Framework For Cloud Computing In India are missing. The Mandatory E-Delivery Of Services In India is also missing.

India has to cover a long road in order to make its cyber security effective. It is high time to move beyond declarations and promises as they would not serve any purpose in the present times.

Monday, October 22, 2012

Cyber Security Council Of India Established

This article has reported that a cyber security council of India has been constituted by Indian government. We at Perry4Law Techno Legal Base (PTLB) welcome this move of Indian government as it was a much needed initiative. 

According to the report published by my colleague, the cyber security council of India has been constituted by Indian government. This is a good step in the right direction as such an action was long due on the part of Indian government.

Although this is a modest beginning yet if Indian government is committed this can transform into a major cyber security initiative by Indian government. I am hereby sharing the report of my friend for our readers.

Cyber security of India has finally got the attention of Indian government. Indian government has been announcing many initiatives that could strengthen cyber security of India. Although these initiatives have come late yet this is a good beginning from all counts.

Now it has been reported that the Indian government has launched a new and dedicated wing of the country's National Security Council Secretariat (NSCC). The function of the proposed wing would be to deal with the growing cyber threat especially those from cyber terrorists.

Cyber terrorism against India, cyber warfare against India, cyber espionage against India, etc are on rise and this dedicated wing can be really helpful in this regard. The wing would coordinate with other existing law enforcement agencies. The objective of the wing would be to keep both public and private computer safe from cyber attack and malicious activities.

The proposed wing would work in the direction of ensuring coordination among various government departments of India so that both national and international cyber threats can be countered. Gradually the wind would be extended to make its initiatives and efforts more holistic and wide.

However, India still needs to stress upon cyber security research and development. Till now we have a sole techno legal cyber security research centre of India that is managed by Perry4Law and PTLB.


Close association and coordination with expert techno legal institutions like PTLB is the need of the hour. Let us hope that Indian government would collaborate and coordinated with institutions like PTLB to make its cyber security initiatives more holistic and effective.

Source: Techno Legal News

Indian National Cyber Security Database

This post talks about the latest techno legal cyber security initiative by Perry4Law Techno Legal Base (PTLB). The initiative is known as National Cyber Security Database of India (NCSDI) and it is a unique techno legal cyber security initiative.

In a much needed development, PTLB has constituted the first ever techno legal national cyber security database of India (NCSDI). This is a significant development that can go a long way on strengthening of cyber security of India.

The NCSDI is a part and parcel of much larger and more specialised initiative of PTLB. It is part of the exclusive techno legal cyber security research centre of India (CSRCI) managed by PTLB.

The NCSDI would consist of techno legal cyber security experts of India who should be enrolled with PTLB in this regard. Those interested in enrolling with NCSDI must read the enrolment criteria for the same.


NCSDI would also be an essential part of various cyber security initiatives and projects of Indian government and private cyber security players of India and abroad.

NCSDI is a very ambitious and much needed initiative of PTLB that deserved support and collaboration of Indian government and various cyber security stakeholders. Let us see how NCSDI and CSRDI would strengthen the cyber security environment of India.

Source: Cyber Laws In India

Indian Cyber And High Tech Crime Investigation And Training Centre

In this post we are discussing about the Cyber and Hi-Tech Crime Investigation and Training (CHCIT) Centre of India managed by Perry4Law Techno Legal Base (PTLB). This is the exclusive techno legal cyber and hi-tech crime investigation and training centre of India that is managing both technical and legal issues of cyber crimes and high tech crimes.

Techno legal issues especially cyber crimes and cyber security issues in India are complicated to manage and tackle. Countries all over the world are struggling to deal with the same. Even in India we have to cover a long road before expertise pertaining to cyber security in India and cyber forensic in India can be achieved.

Research and development plays a major role in developing cyber security capabilities. It is also crucial to develop methods to fight against cyber crimes and cyber attacks. Private initiatives like cyber security research centre of India (CSRCI), cyber forensics research and development centre of India (CFRDCI), cybercrimes investigation centre of India (CCICI), etc are crucial in this regard.

At Perry4Law and PTLB we are managing the exclusive techno legal cyber crime and high tech investigation and training centre of India. We are also managing the exclusive techno legal centre of excellence for cyber crimes investigation in India.

Further, in order to inculcate techno legal skills among police, lawyers, judges, professionals, etc we have been managing the exclusive techno legal centre of excellence for lifelong learning in India where we are providing trainings, courses and education in the fields like cyber law, cyber security, cyber forensics, etc. PTLB e-learning platform further helps in achieving this objective.

The cyber crimes investigation centre of India by PTLB aims at developing techno legal skills among cyber crime investigators on the pone hand and modernisation of police force of India on the other. We provide cyber crimes investigation trainings in India to various stakeholders.

Perry4Law and PTLB have also provided cyber crimes trends in India 2012, cyber law trends in India 2012, cyber security trends in India 2012, etc. Previous years trends have also been provided by Perry4Law and PTLB to give various stakeholders a good look of cyber environment of India. 

We have been providing ICT trends in India since 2005-06. The ICT trends in India 2009 and subsequent trends have discussed both the positive and negative aspects of Indian ICT policies and strategies.

We hope that this exclusive techno legal cyber crime investigation centre of India would prove useful to all stakeholders in India and abroad.

Indian Data Security Laws

For long data security in India has been managed by independent contracts between private parties rather than a well founded regulatory framework in India. Till now we have no dedicated data security laws in India. This article is exploring the regulatory environment for data security in India.

Data is the backbone of any society that primarily relies upon information and communication technology (ICT). Protection of data is both the personal and proprietary requirement of various individuals and institutions. This is the reason why data must be secured through techno legal means.

As on date, we have no dedicated Data Privacy Laws In India and Data Protection Law In India. Even a dedicated Privacy Law Of India is missing. There is an urgent need to formulate Techno Legal Data Security Laws In India, Cyber Security Law In India, Privacy Rights And Laws In India, etc. While formulating such laws, we must keep in mind that Privacy Rights In India In The Information Age are different from the traditional privacy requirements.

Data security is closely related to cyber security expertise. Thus, Cyber Security Issues In India need better and focused attention of Indian government as Managing India’s Cyber Security Problems is a very delicate and tedious task. In these circumstances, Indian Data Protection Laws Are Urgently Needed. We cannot ignore data Protection Laws In India and privacy rights in India anymore. Similarly, Encryption Laws And Regulation In India must also be formulated as soon as possible. 

At the national policy levels as well the Indian government has to do lots of hard work. For instance, the Encryption Policy Of India Is Needed. Similarly, an implementable Cyber Security Policy Of India is also need of the hour.

Indian government has also suggested projects and initiatives like National Cyber Coordination Centre (NCCC) Of India, Central Monitoring System (CMS) Project Of India, National Intelligence Grid (Natgrid) Project Of India, etc that would require dealing with the data and information in a constitutional manner.

Clearly data security laws of India are urgently needed. The sooner they would be formulated the better it would be for the interest of various stakeholders in general and national interest of India in particular.

India, Cyber Security And Security Projects

This article is discussing some of the most crucial issues pertaining to cyber security of India. It covers areas like cyber security, data protection, international cooperation, cyber security laws, data security laws, etc. Further, various projects of Indian government having a bearing at cyber security have also been discussed.


Further, governmental projects like central monitoring system, national counter terrorism centre (NCTC), national critical information infrastructure protection centre, national cyber coordination centre, etc have further complicated the Indian cyber security equation.  

These issues cannot be resolved till we have an effective and implementable cyber security policy of India that incorporates all the abovementioned aspects. Indian government has constituted a cyber security council that is a good step in the right direction.

Cyber security of India is under transformation and private cyber security players have played a major role in the same. The cyber security research centre by PTLB is the classic example of the same.

There are many issues in this regard that have still to be managed by India.  Let us hope that India government would resolve the same with the help of techno legal expert institutions like PTLB.

Source: Cyber Laws In India

Cyber Security Council For India Formulated

It has been reported that an Indian cyber security council has been constituted. Although it is a belated move yet it is a good step in the right direction. At Perry4Law Techno Legal base (PTLB) we welcome this step of Indian government.

Cyber security cannot be managed till we have governmental will and public support. We cannot have public support till the government actually takes some concrete steps in the direction of strengthening of cyber security. One such step has been taken by Indian government.

According to the report published by my colleague, the cyber security council of India has been constituted by Indian government. This is a good step in the right direction as such an action was long due on the part of Indian government.

Although this is a modest beginning yet if Indian government is committed this can transform into a major cyber security initiative by Indian government. I am hereby sharing the report of my friend for our readers.

Cyber security of India has finally got the attention of Indian government. Indian government has been announcing many initiatives that could strengthen cyber security of India. Although these initiatives have come late yet this is a good beginning from all counts.

Now it has been reported that the Indian government has launched a new and dedicated wing of the country's National Security Council Secretariat (NSCC). The function of the proposed wing would be to deal with the growing cyber threat especially those from cyber terrorists.

Cyber terrorism against India, cyber warfare against India, cyber espionage against India, etc are on rise and this dedicated wing can be really helpful in this regard. The wing would coordinate with other existing law enforcement agencies. The objective of the wing would be to keep both public and private computer safe from cyber attack and malicious activities.

The proposed wing would work in the direction of ensuring coordination among various government departments of India so that both national and international cyber threats can be countered. Gradually the wind would be extended to make its initiatives and efforts more holistic and wide.

However, India still needs to stress upon cyber security research and development. Till now we have a sole techno legal cyber security research centre of India that is managed by Perry4Law and PTLB.


Close association and coordination with expert techno legal institutions like PTLB is the need of the hour. Let us hope that Indian government would collaborate and coordinated with institutions like PTLB to make its cyber security initiatives more holistic and effective.

Source: Cyber Laws In India

National Cyber Security Database Of India (NCSDI)

Cyber security field requires dedicated and collaborative efforts on the part of various stakeholders. Cyber security in India also requires such collaborative efforts where public private partnership (PPP) can be really handy.

Cyber security issues in India are too much and too complicated to be managed by a single organisation or individual. At Perry4Law Techno Legal Base (PTLB) we believe that cyber security is a techno legal field that requires techno legal expertise. We also believe that we must develop both offensive and defensive cyber security capabilities in India.

In other words, cyber security skills and capabilities development in India must be ensured as soon as possible. PTLB E-Learning Platform has been working in this direction for long. We must also ensure lifelong cyber security capabilities in India.

In order to make our cyber security efforts more robust, effective and holistic, PTLB has launched the first ever techno legal national cyber security database of India (NCSDI). Those interested in enrolling with NCSDI must read the enrolment criteria for the same.

Managing India’s cyber security problems, issues and challenges is not an easy task. Without good collaboration and concrete steps in this direction, cyber security issues and problems in India cannot be resolved.

Keeping these cyber security mandates in mind, PTLB has been operating the exclusive techno legal cyber security research centre of India (CSRCI) and NCSDI is an integral part of the same. We hope the cyber security projects and initiatives of PTLB would prove useful to all concerned. 

Friday, October 19, 2012

Cyber Security Research Centre Of India

We have consolidated our cyber security initiatives and cyber security research centre of India is an important part of the same. Our techno legal initiatives are unique in the sense that we manage both technical and legal aspects of cyber security.

We are hereby posting a media report about our initiative with prior approval. Hope our clients and various cyber security stakeholders would find this report useful.

Cyber crimes and cyber threats have changed the entire cyber security scenario. Previously firewalls and anti viruses were the notion of cyber security. Now cyber security responsibilities have become too tedious to be managed by a single person or institution.

Cyber security research and development is very crucial to strengthen cyber security of any institution and nation. Cyber security is a constant procedure thus we need to learn, adapt and improvise our cyber security initiatives and efforts on regular basis.

The need for cyber security research centre of India was imminent. Thanks to the efforts of private players, Indian cyber security research centre is no more a fiction. The exclusive techno legal cyber security research centre of India has already been functioning in India for long.

The present cyber security environment of India needs effective skills development to deal with growing cyber threats against India. There are numerous vexing cyber security issues in India that requires attention at the highest level. Further, cyber security laws in India and cyber security policy of India must also be formulated.

Cyber security issues and problems of India require techno legal solutions as neither technical nor legal solution in itself is sufficient. Further, participation of private players is also needed to strengthen cyber security of India as managing India’s cyber security problems, issues and challenges cannot be left for the Indian government alone to tackle.

A special attention must be given to critical infrastructure protection of India. Recently Indian government proposed establishment of national critical information infrastructure protection centre (NCIPC) of India that can help in protecting critical infrastructure of India.

In these circumstances the initiatives and efforts of Perry4Law Techno Legal Base (PTLB) are really praiseworthy. PTLB has established the exclusive techno legal cyber security research and development centre of India. This cyber security centre is the first of its kind in India and world wide.

The cyber security centre is a good blend of legal and technical capabilities of PTLB that makes it unique and very effective. Through its skills development and training initiatives, it would ensure offensive and defensive cyber security capabilities for India and other nations. Let us hope that this cyber security centre of PTLB would be an integral part of all cyber security initiatives of Indian government.

Source: Cyber Laws In India

Wednesday, October 17, 2012

Cyber Security Laws In India

Cyber security, cyber forensics, etc are fields that require techno legal expertise to manage. The growing cyber security issues in India and demand for cyber forensics in India has increased the demand for techno legal skills development in India.

At Perry4Law and Perry4Law Techno Legal Base (PTLB) we have been ensuring legal enablement of ICT systems in India for long. We are also managing exclusive techno legal centre of excellence for cyber crimes investigation in India, techno legal centre of excellence for cyber forensics in India, cyber security research centre of India, etc.  In this work we are discussing the cyber security laws of India.

The debate between self regulatory environment and a regulatory environment has always been a part of technology related laws. Some believe that issues like cyber law, cyber security, cyber forensics, etc must be regulated by the government whereas others believe that they should be left to individuals and organisations as self regulatory mechanisms.

In this present fragile and dangerous cyberspace it would not be advisable to leave everything upon self regulation mechanism. Issues like cyber law, cyber security, cyber forensics, etc deserve to be regulated at national and international level.

We have no legal framework or laws for cyber security in India. Of course, a few provisions have been incorporated in this regard in the information technology act, 2000 of India that is the sole cyber law of India. However, we need express and dedicated cyber security legislation in India as soon as possible.

Even the cyber law of India needs to be upgraded and strengthened. We need stringent provisions against cyber criminals and not the soft provisions that are presently incorporated in the Indian cyber law. By making the offences and cyber crimes “bailable” India has made its cyberspace a “free zone” and “safe heaven” for cyber criminals and cyber offenders.

It seems the problems of Indian cyber security are multi facet in nature. We do not have sufficient laws, we lack proper strategies and policies, and we do not care much about cyber security.

To start with we must formulate a pro active cyber security policy of India. Then we must proceed towards strengthening our existing cyber law and enacting an effective cyber security law of India. The sooner we consider these issues the better it would be for the cyber security of India.

Monday, October 8, 2012

Techno Legal Initiatives Of Perry4Law And PTLB

Techno legal issues pose special challenges before all nations. This is so because these issues are complex combination of both technical and legal issues. At Perry4Law and Perry4Law Techno Legal Base (PTLB) we have been spearheading many world renowned techno legal initiatives.


Similarly, on the education, trainings and skills development front as well Perry4Law and PTLB have been managing many initiatives. For instance, the exclusive techno legal e-learning in India is managed by PTLB whereas highly specialised and domain specific trainings and education is managed by Perry4Law techno Legal ICT Training Centre (PTLITC).  


We are also discussing important issues pertaining to international ICT policies and strategies. Similarly, techno legal issues are specifically discussed at PTLB blog. We hope these initiatives would prove useful to all stakeholders.

Source: ICTPS Blog

Sunday, September 30, 2012

Cyber Security Issues And Challenges In India

Cyber Security in India is one area that has to be given top priority by Indian government. The Cyber Security reflections in India prove this point. There are many policy related issues that Indian government must urgently take care of.


A special focus upon Cyber Security for Power Energy and Utilities in India must be given. Power Grids Cyber Security in India and its Challenges has emerged as special area of concern and India is clearly not in a position to defend its power infrastructure.

There are numerous Cyber Security Challenges in India that are still unredressed. Further, India's Cyber Security Challenges are unique to Indian conditions and they require local treatment and solutions. Cyber Security Issues in India require a dedicated effort on the part of Indian stakeholders. Even the Cyber Security Firms, Companies and Consultants in India Must be Pro Active.

Cyber Security in India and its challenges and Problems require urgent attention of Indian government. We have already wasted enough time in this regard and it is high time for India to do some actual groundwork as conducting of conferences and seminars would not bring any favourable change towards establishment of cyber security capabilities of India.

Thursday, August 9, 2012

Cyber Security Challenges In India

Cyber security issues in India have added a new variety of challenges for India. Till now cyber security in India and its challenges and problems are well known and India has also realised that urgent attention in this direction is needed. For instance, the cyber security challenges for the smart grids in India were realised during the recent power outrage in India.

This is just the beginning of the cyber security journey of India. Critical infrastructure protection in India is not undertaken in the manner required. Even we have no critical ICT infrastructure protection policy of India  that can provide norms and best practices for critical infrastructure protection in India.

On top of it, stealth and sophisticated malware like Stuxnet, Flame, Shamoon and Duqu have already proved that critical infrastructures around the world like power grids, nuclear facilities, satellites, defense networks, governmental informatics infrastructures, etc are vulnerable to both known and unknown cyber attacks.

There are many concepts that were not even acknowledged by India a few years back. For instance, concepts like cyber warfare against India and its defenses, cyber terrorism against India and its defences and solutions, cyber security in India and its challenges and problems, cyber espionage against India and its challenges, solutions and defences, etc were never considered to be a threat by India.

Now it is well known that these concepts are not just theoretical concepts but actual and potential threats to any nation. India has also realised this bitter truth that also without much loss of crucial information and data.

Of course, strategic computers at Indian defence forces, governmental departments, etc were successfully breached and compromised. In many cases, India was not even aware of such compromise and there may be incidences where such compromise are still present and are undetected.

As on date we have neither a strong cyber law nor effective cyber security capabilities in India. Further, if we analyse the cyber security reflections the trend is really troublesome. The cyber law, cyber crimes and cyber security trends by Perry4Law and Perry4Law Techno Legal Base (PTLB) have shown the loopholes of Indian cyber security capabilities.

We at Perry4Law and PTLB strongly recommend that Indian government must stress really hard upon developing both defensive and offensive cyber security capabilities. The sooner it is done the better it would be for the national security of India in general and cyber security of India in particular.

Thursday, August 2, 2012

Cyber Espionage Against India And Its Challenges, Solutions And Defences

If we analyse the Cyber Attacks Trends against India for the past few years it would be apparent that the frequency and sophistication of these Cyber Attacks has increased and developed a lot. The Cyber Attack by the Chinese Crackers at the computers in the Prime Minister's Office (PMO) of India in December 2009 is one such example.

In this incidence, the Crackers targeted India's key National Security Peoples including National Security Advisor M.K. Narayanan, Cabinet Secretary K.M. Chandrashekhar, PM's Special Envoy Shyam Saran and Deputy National Security Advisor Shekhar Dutt. The four and up to 26 others were specifically targeted in the Cracking exercise that was very successful.

The Cyber Espionage attack was very sophisticated and well executed. The E-Mail was routed through multiple proxy servers to defeat the Traceability. The Cracking Spyware was embedded in a PDF document to get it executed once opened. The Trojan Malware was programmed to carry out multiple functions, including downloading malicious files, accessing E-Mails and passwords and also accessing the desktop from a remote location.

In another incidence, it was reported that the Chinese Intelligence Agencies may have planted Malware in Computers and broken into the Headquarters of 33 Corps, the Army formation looking after most of the North-Eastern border with China. The Cyber Intrusion also planted a Trojan Horse to give Chinese Agencies remote access to the computer network at the 33 Corps Headquarters in Sukhna, near Siliguri, West Bengal.
 
In another incidence, many Computers of the Home Ministry were found infected with Malware. Reacting sharply, but wrongly, to these developments, the Union Home Ministry decided to ban the use of Internet by the lower rank staff up to section officers.

This was a “Defective Strategy” as banning use of Internet or Technology rather then developing Cyber Security Capabilities in India can never be a good choice. It is better to “Train” the staff rather than prohibiting them from using Internet.

The Home Ministry was barking the wrong tree as Security through Obscurity and Non-Access in itself and without further steps to develop Cyber Skills and Capabilities is a bad choice. The Government of India must concentrate upon “Capacity Development” of not only its employees but also its core Departments and Offices in order to tackle Cyber Espionage Attacks. Thus, Cyber Security Capabilities of India must be strengthened as soon as possible.

Cyber Espionage may be committed by an Insider or an outsider with the help of Internet and Computer. The problem is that Cyber Espionage is inexpensive and relatively easy to commit and it is also difficult to prove with absolute certainty. This is more so regarding “Authorship Attribution” that can pin point the liability to a Nation/Individual/Organisation.

Authorship Attribution is an important aspect of “Determining the Culpability” of an offender where the means to commit the offence are common and accessible to many people simultaneously. Data Mining and Profiling of the accused to “Attribute Culpability” to him/her alone is an emerging area of Cyber Crime Investigation but it is still far from perfect.

Having an effective Cyber Security Mechanism at place can help in prevention of majority of Cyber Espionage issues, but there is no full proof method of preventing Cyber Espionage. With adequate resources and time, a Cracker can penetrate and exploit the intended target.

The Cyber Security Policy of India must be urgently formulated that must incorporate provisions regarding Cyber Warfare, Cyber Terrorism, Critical Infrastructure Protection, Cyber Espionage, etc. In the ultimate analysis, enhancing Cyber Security of India is the ultimate solution.

Cyber Security In India: Its Challenges And Problems

Cyber Security in India is gaining importance day by day. However, the same is not a result of any Cyber Security Policy of India but due to the problems that India is facing. India has for long ignored Cyber Security aspect and this has caused tremendous loss to it. Now Cyber Security Problems of India have reached a stage where if immediate action is not taken, it may cause irreversible and irreparable loss to India.

The chief problem that India is facing from cyber front pertains to threats emanating form Cyber Warfare field. Cyber Warfare against India and its Defences is one area that requires special attention of our Policy Makers. We need a dedicated work force to take care of this sensitive and crucial field.

Another concern that is repeatedly conveyed to Indian Government is that Critical Infrastructure Protection in India is needed. As on date India is not vulnerable to Cyber Attacks targeting Critical Infrastructure of India. However, this is not because India has advance Critical Infrastructure Protection (CIP) Mechanism at place but because India has outdated and ancient Infrastructure at place. The moment modern and ICT enabled Infrastructure would be used by India to support its Critical Infrastructure, the problems of India would increase manifolds.

For instance, the recent power failure of India has raised concerns not only in India but also World wide. Although the power outrage was claimed to be caused due to Defective Power Infrastructure, yet even in modern Power Infrastructure such a situation can occur. Cyber Security of automated Power Grids of India has not been contemplated by Indian Government so far.

Sophisticated Malware like Stuxnet and Duqu have already proved that Critical Infrastructures around the World like Power Grids, Nuclear Facilities, Satellites, Defense Networks, Governmental Informatics Infrastructures, etc are vulnerable to diverse range of Cyber Attacks. The truth is that Cyber Attacks are affecting Indian Critical Infrastructure and we are not even aware of the same.

Another area that must be on “Priority List” of Indian Government pertains to Cyber Terrorism. Cyber Terrorism against India and its Defences and Solutions has not been developed by India so far. This must be done now to prevent any further loss due to activities of Cyber Terrorists against India.

We must develop Cyber Security Capabilities of India as soon as possible. Further, we must also keep in mind the Importance of Cyber Forensics for India. Keeping this in mind, development of suitable Cyber Forensic Investigation Solutions in India are needed to Prevent and Defend various types of Cyber Attacks.

The list is endless and this article is not intended to cover all the aspects of Cyber security Problems of India. However, the top three Cyber Security Problems of India have been discussed by me. I would discuss more in this regard in my subsequent articles.

Advertisement Space- Bid Now

Advertisement Space- Bid Now