After the dawn of digital India, the internet has become a vitally important part of our life. From messaging, emails, paying bills, banking, finding a cab, or booking a room in a hotel, reserving a table in your favorite restaurant, or binge-watching on Netflix. The Internet has touched all possible aspects of our life. Now almost every family has an average of 7 networking devices. With the rise of internet activity, cyber threats have also seen a notable rise. You may remember wannacry ransomware (May 2017), Union Bank of India Heist (June 2016), and Petya ransomware (June 2017).
According to Niti Ayog, “Cybersecurity is protecting our cyberspace and critical infrastructure, from attack, damage, misuse, and economic espionage”
Cyber threats come in the following forms:
4. distributed denial-of-service (DDoS)
5. Man in the middle
7. Rogue software
8. Mal advertising.
So why is cyber-security so important?
1. First thing to remember, India ranks 3rd in the world in terms of internet usage, after the USA and China.
2. According to a report published by “Symantec Corp”, India is among the top 5 countries to be affected by cyber-crimes.
3. Cyber intrusion and attacks have increased dramatically, exposing sensitive business and personal information, henceforth imposing high costs on the economy.
4. Point often overlooked, Cyber exploitation activities are becoming more serious, more targeted, and more sophisticated.
5. Again, attack technology is outpacing defense technology, hackers are getting more advanced and opting newer technology day by day.
6. It is important to realize organized hackers use advanced persistent threat (APT) to steal confidential data of official, national defense, and business.
7. Not to mention, there is a cyber attack in every 39 seconds.
8. Cyber criminals steal personal data, to alter E-commerce and financial affairs.
9. Surprisingly, 75% of cyber crimes go undetected for weeks or months.
10. 24% of the breaches affect financial organizations, 15% affect health care organizations, 12% affect public sector entities.
11. 95% of cyber breaches are due to human errors.
12. More than 77% of organizations have no plan for cyber security incident response.
13. Since COVID-19, the US FBI reported a 300% increase in cybercrimes.
14. Not to mention, vacant cyber security post will reach up to 4 million by 2021.
Data is the asset that powers or enables business. Any loss in data leads to time waste, financial loss, and affects the reputation of the company.
How Israel became a cyber superpower?
Countries like the USA, Singapore, India, Russia, Japan, Europe all the putting significant effort into developing their cyber security system, but Israel has become a leader in cyber security. From Destroying the centrifuge of Iran’s nuclear reactor to Iran and Israel’s cyberwars. Israel has been upgrading and advancing its cyber defense as well as cyberattacks mechanism. The world’s top auto security companies are all Israeli’s, the country receives almost one-fifth of the world’s global private investment in cyber security. In 2011, Israeli Prime Minister Benjamin Netanyahu made an ambitious promise to turn Israel into top-five global cybersecurity power within five years.
1. Israel invested and finesse young minds:
Cyber security education starts in middle school and Israel is the only country in which cyber security is an elective in the high school matriculation exam. Today there are 6 universities dedicated to cyber security. Israel was the first country in the world where students could obtain a Ph.D. in cybersecurity as an independent discipline.
2. Making military service compulsory:
Every 18 years old needs to join the IDF (Israel Defense Forces), not necessary as an infantryman, instead, they can be recruited into IDF unit 8200. Israeli’s Defence Force recruits the brightest coders and hackers to as teens to screen them into their elite cyber warfare units. This cyber intelligence unit act as an incubator, where these teens learn how to protect it from threats and how to attack enemies.
3. Israel’s Government willing to help startups:
Israel’s government is willing to double its initial investments to support cyber startups. Between 2015-2018 INCB and office of chief scientists distributed about 37 million US dollar to the cyber firms.
Few steps that we can follow to ensure cyber-security from our side:
1. Access control: please wear your ID card when you are at work at the office or outside the office. And please don’t share your passwords.
2. Email security: Please do not click or open emails containing suspicious links or attachments.
3. Internet security: It is lucrative to find free software because you ain’t have to pay anything for it. But do not download any free or unauthorized software even if you have admin access.
4. Social Media: Don’t share any confidential information while chatting on any social media platform.
5. Connecting to WiFi: Always connect to secure WiFi hotspots. The most secure way to protect yourself against a cyber attack on public WiFi is to use a VPN. VPNs help in creating a secure network where all data you send over a WiFi is encrypted.
6. Mobile Security: Leaving your phone in a restaurant, or in a cab unattended can be dangerous. Also, those apps which ask for a lot of permissions can leak trojan wear or your personal information. To combat these apps, there are cyber security tools that will alert you or completely block malicious activity.
7. Keep Changing your Passwords: Change your passwords every 3-4 months and don’t use the same password for multiple accounts. This makes all your accounts susceptible, if one gets hacked then there is a risk that all may be hacked. Avoid using auto-sign in, remember my password.
8. Report: Report security incidents as soon as you identify them.
Central Government has taken steps to spread awareness about cybercrimes; issue of alerts/advisories; capacity building/training of law enforcement; personnel/ prosecutors/ judicial officers; improving cyber forensics facilities, etc to prevent such crimes and to speed up investigation. The Government has launched the online cybercrime reporting portal, www.cybercrime.gov.in to report complaints pertaining to Child Pornography/Child Sexual Abuse Material; rape/gang rape imageries or sexually explicit content. The Central Government has rolled out a scheme for establishment of Indian Cyber Crime Coordination Centre (I4C) – to handle issues related to cybercrime in the country in a comprehensive and coordinated manner.
‘Police’ and ‘Public Order’ are State subjects as per the Constitution of India. States/UTs are primarily responsible for the prevention, detection, investigation, and prosecution of crimes through their law enforcement machinery. The Law Enforcement Agencies take legal action as per provisions of law against the cybercrime offenders.
Additional Steps taken by Govt of India
(i) Establishment of National Critical Information Infrastructure Protection Centre (NCIIPC) for protection of critical information infrastructure in the country.
(ii) All organizations providing digital services have been mandated to report cyber security incidents to CERT-In expeditiously.
(iii) Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre) has been launched for providing detection of malicious programmes and free tools to remove such programmes.
(iv) Issue of alerts and advisories regarding cyber threats and counter-measures by CERT-In.
(v) Issue of guidelines for Chief Information Security Officers (CISOs) regarding their key roles and responsibilities for securing applications / infrastructure and compliance.
(vi) Provision for audit of the government websites and applications prior to their hosting, and thereafter at regular intervals.
(vii) Empanelment of security auditing organisations to support and audit implementation of Information Security Best Practices.
(viii) Formulation of Crisis Management Plan for countering cyber attacks and cyber terrorism.
(ix) Conducting cyber security mock drills and exercises regularly to enable assessment of cyber security posture and preparedness of organizations in Government and critical sectors.
(x) Conducting regular training programmes for network / system administrators and Chief Information Security Officers (CISOs) of Government and critical sector organisations regarding securing the IT infrastructure and mitigating cyber attacks.
government initiatives credit- pib.gov.in