Invisible Enemy

Invisible Enemy

Cyber Security

Amidst the warning of a Cyber Pearl Harbor by US Secretary of Defence Leon Panetta, the governments around the world including India are gearing up fast to face the challenge together and some of the leading developed countries including the US and UK have signed joint agreements with India to combat the cyber warriors in a holistic manner.

Considering the expertise of large number of Indians in ICT, the UK government is the latest to enter into Cyber Security Dialogue with India when its Secretary of State William Hague visited New Delhi on October 8 this year. US had entered into similar arrangement with India last year.

The Cyber Pearl Harbor envisions a wave of attacks from foreign hackers that could cripple the entire lifeline of the country by attacking on transportation systems, power grids, banks etc.

The Indian National Security Advisor Shiv Shankar Menon has also talked of enormous potential for damage from cyber arena.

The cyber space is universal in nature and even a group of well trained cyber experts, sitting in air-conditioned hall, can launch a cyber attack on the critical infrastructure of a country.

Significant step

Thus, domestic efforts in India have also picked speed with the government taking a comprehensive step of setting up a Joint Working Group with the private sector with an ambitious mandate.

With this India seems to have finally woken up to the challenge, the state and non state cyber warriors are posing to the Indian information and communication networks, now considered to be the lifeline of the nation.

Every moment of nation’s life is dependent on the proper maintenance of the network. This is not only India’s concern and problem, the international community especially the developed countries are now devising means to thwart any attempt to create disturbance in their ICT network.

Though the Indian government had set up a Computer Emergency Response Team way back in 2004, the response of to the cyber attacks has been lackluster.  

However, last October the National Security Advisor Shiv Shankar Menon announced a significant step which will help pool all the national resources and the skills to counter the threats to the cyber domain of the country.

The occasional attack on Indian computer systems has exposed the vulnerabilities of the network. Though efforts have been made to isolate the Indian defence and military ICT systems its linkages with the civilian network may prove contagious and thus dangerous.

Since the cyber war is now considered to be the fifth dimension of the offensive and defensive deployment of the strategic systems, the security establishment in India has been working towards this end since long.

With the country now being recognized as a nuclear and missile power it is all the more imperative for them to totally insulate them from any cyber attack.

These attacks can not only be launched by a state agency, the extremist and terrorist groups can also be incited to indulge in cyber war.

With recent reports of recruitment of IT professionals in the Jehadi organizations, the security establishment fears the cyber attack from within the country also. The intelligence agencies are viewing the recent developments with concern.

The setting up of a Joint Working Group with the Private Sector is being considered a very significant step, as the private sector is believed to have better skilled human resources in the country.

Addressing the risk

In fact, the Indian private sector ITC professionals are the pioneer in ICT technology, and they should be considered experts in such matters. But, it is government’s lack of vision that they were never roped in for such purposes in a structured manner.

Along with the decision to set up the JWG, the government has also decided to appoint the first national Cyber Security Coordinator, who will put a coordinated response to the challenges emerging in cyber space.

The present head of the Computer Emergency Response Team (CERT-IN) Gulshan Rai has been recommended to hold the responsibility.

The government is also working on a complete Cyber Security Plan under which a Critical Information Infrastructure Protection Centre (NCIPC), a command-and-control centre for monitoring the critical infrastructure is proposed to be set up.

The NCIPC, will be managed by the technical intelligence agency NTRO (National Technical Research Organisation) which will have all the powers of the CERT-IN.

A comprehensive proposal is being drafted for the approval of the Cabinet Committee on Security under which the armed forces would be asked to be responsible for their own security.

Initially in 2004, the CERT-IN was set up to act as a nodal agency for responding to computer security incidents. CERT-IN was asked last year to work with CERT-Us for working out a joint strategy to tackle the cyber terrorists.

The Joint Working Group on Cyber Security refers to the fact that India’s current economic, social & infrastructure development process is making greater use of ICT for bringing transformation and this dependence on ICT makes the country vulnerable to cyber attacks that can have serious implications for the nation and economy at large.

Therefore, there is an urgent need to address the risks emanating from operating in cyberspace. The JWG has worked on a roadmap for Public Private Partnership on Cyber Security which includes setting up of an institutional framework, capacity-building in the area of cyber security, development of cyber security standards and assurance mechanisms, augmentation of testing and certification facilities for IT products.

Institutional framework would include setting of a permanent JWG, with representatives of government and private sector, to coordinate and oversee the implementation of PPP on cyber security.

A Joint Committee on International Cooperation and Advocacy (JCICA) will advise JWG in promoting India’s national interests at various international for a on cyber security issues.

Since the cyber domain is internationally linked and dependent, no single country can single handedly face the challenge.

Attack on the cyber network of one country can impact the cyber network of other country hence cooperation in cyber security is very much required.

This is required to reduce the risk of threats from cyber space to international security. Thus, the governments around the world need to strengthen bilateral cooperation to tackle cyber crime, identify and respond to threats from cyber space and raise the mutual resilience.

Since the private sector cannot remain unaffected by any cyber attack , the Joint Working Group has recommended creation of information sharing and analysis centres (ISAC) in various industry verticals by the private sector which should coordinate with sectoral CERTs and CERT-IN.

An institute of cyber security professionals of India has also been recommended for capacity building and testing.

Though no country has yet faced any attack on its critical infrastructure, frequent hacking of the computer network of sensitive security establishments has happened and the hackers are widely believed to be based in China and Pakistan.

It is interesting to note that Pakistan is not considered to be leading practitioner of ICT, cyber warriors seem to be flourishing there.

That means that some state entity is behind these cyber warriors. Hence, India and international community must remain alert to these invisible threats likely to emanate from the neighboring areas.