The cyber threat.

As the 21st century advances, a new danger—the cyber threat—is becoming a many-branched monster.

Grey Zone Operations’ which fall outside traditional concepts of conflict, have become the new battleground, especially regarding cyber warfare.
Grey zone warfare can be broadly defined as exploiting the operational space between peace and war to change the status quo through coercive actions.

Cyber security is the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks.

Embedding Malware:
- Cyber criminals have embedded malware into legitimate applications to target poorly secured Wi-Fi spots and passwords, so that they can steal user information.
Phishing:
- It is a social engineering attack used to steal user data, including login credentials and credit card numbers.
Cyber espionage:
- It is a type of cyberattack in which an unauthorised user attempts to access sensitive or classified data or intellectual property for economic gain, competitive advantage or political reasons.
Cyber sabotage:
- It is defined as deliberate and malicious acts that disrupt normal processes and functions or the destruction or damage of equipment or information.

4th Industrial Revolution:
- This has led to the rise of the Internet of Things, artificial intelligence, machine learning etc. which would see a more connected environment. This would require the communication systems to be secure.
E-commerce boom:
- The Indian E-commerce market is expected to reach US$ 200 billion by 2026. This increases the vulnerability of consumers to online fraud.
Inappropriate use of information:
- Photos, videos and other personal information shared by an individual on social networking sites can be inappropriately used by others.
The increasing importance of the digital economy:
- Digital economy today comprises 14-15% of India’s total economy and is targeted to reach 20% by 2024.
Financial loss:
- India has lost enormous amounts of money each year in cyberattacks.
- For example, cybercrimes in India caused losses of Rs. 1.25 lakh crore in 2019.
Weak digital security:
- Outdated infrastructure, with poor or inadequate cyber security protection, has exposed India’s digital vulnerability.
Critical infrastructure:
- Critical infrastructures such as power systems, transportation systems, and refineries are vulnerable to data theft and cyber-attack that could bring the whole economy stands still.
5th arena of war:
- Cyberspace has emerged as the 5th arena of war (after land, air, water and space). Thus, it becomes essential to protect the nation from cyber threats.

Foreign dependency:
- India lacks indigenisation in hardware and software cyber security tools increasing susceptibility to cybercrimes.
Digital infrastructure:
- In India, most people use cheaper smartphones with poor cyber security and privacy features, which makes them prone to cyber-attack.
Data storage:
- India is a net information exporter. Its information highways point west, carrying with them the data of millions of Indians.
Shortage of workforce:
- The shortage of skilled cyber security professionals in India is 9% higher than the global average.
- India needs approximately 1 million cybersecurity professionals [Data Security Council of India].
Lack of awareness:
- As there is no National regulatory policy in place for cybersecurity, there is a lack of awareness at both the company and individual levels.

The Information Technology Act, 2000:
- It regulates the use of computer systems and computer networks and their data.
National Cyber Security Policy, 2013:
- It outlines a road-map to create a framework for a comprehensive, collaborative and collective response to deal with the issue of cyber security at all levels within the country.
Budapest Convention:
- It is the only multilateral treaty on cyber security that addresses Internet and computer crime.
- Its focus is on harmonising national laws, improving legal authorities for investigative techniques and increasing cooperation among nations. However, India has not signed it.
ICANN:
- Internet Corporation for Assigned Names and Numbers.
- It is a non-profit public benefit corporation and coordinates the Internet Domain Name Servers, IP addresses and autonomous system numbers.

Integrated cyber security command:
- At present, we follow a sector-specific cyber security policy, which hampers coordinated efforts. Therefore, we need an integrated cyber security command.
Establish a National Cyber Security Commission:
- To coordinate with all ministries for National Critical Information Infrastructure (NCII) in their areas and play a catalytic role in the requirements of the military in cyber warfare.
Reducing the dependence on foreign servers:
- By creating one dedicated secure gateway for all government communication.
Promoting Indigenisation:
- There is a need to create opportunities for developing software to safeguard cyber security and digital communications.
Awareness generation:
- Launching awareness-raising campaigns and/or developing guidelines and/or supporting educational programs for educating mainstream users about basic cybersecurity hygiene.

Content Source: The Hindu