Niraj Dubey
In this digital era of global world, according to our hon”ble PM, Shri Narendra Modi, data is the new oil, data is the new gold. After the revolution of internet and communication technology, more and more government organisations as well as private sector enterprises offered their services online, that pertains to public welfare or business oriented services. Although, it adds transparency, accountability and doorstep delivery of resources, but it further contributes serious threats to our data privacy from cyber attackers. Every individual, business, corporate, institution, and government are today under the threat of cyber attacks. India is among the fastest growing countries in the world in terms of digitization and technological advancement. Over the past few years, the Indian Government has employed several programmes and schemes to ensure the proper fulfillment of the infrastructural requirements to facilitate such growth. However, with rapid technological development and increased use of the internet comes the growing risk of cybercrimes. This has generated a huge demand for a proper cybersecurity framework. More and more use of technology and its evolution gives space to cyber crime. Such crimes have taken over all the other crimes in terms of rise and loss in terms of value. It is the most dangerous attack today as the criminals capitalise on vulnerable security systems for their gain and the victim has no idea about them. It can strike you anywhere and anytime. From an individual to a Government organisation, all are under attack and hence every attack needs to be dealt as an attack on the nation. Every attack is a wake-up call for the nation. In the recent past, we have seen a massive escalation of cyber attacks, in the form of ransomware, phishing, sextortion, identity theft and hacking. By way of which, cyber hackers compromises the IT and computing resources of either government or corporate sector enterprises and earn billions of rupees in deal to restore the computer systems.
In the recent held ransomware attack at AIIMS – New Delhi, which reflects India’s critical vulnerabilities, in which global hackers, may be from China or others countries compromises most of the server data by way of encryption and demands a huge amount of around 200 crores in cryptocurrency as ransom and the fiasco continued for around one month. Although, our Indian cyber security experts, after putting hard effort and investigations restore most the server data, but it gives a warning signal to other organisation too, to give cyber-security issues, a paramount importance and take all preventive measures to thwart such attempts/ attacks in future. Though India has been paying greater attention to cyber security, the rising number of attacks on India should be very worrying to Indian security managers. Accordingly, CERT-In data showed that cyber attacks had increased from 41,378 attacks in 2017 to 14,02,809 attacks in 2021. However, this number appears to have decreased somewhat in 2022 where 12,67,564 attacks were reported until November. Ransomware attacks are among the biggest cyber threats in the VUCA world. Ransomware is something similar to like kidnapping. In earlier days, it was the person who was kidnapped and ransom was demanded. In the current cyber world, its data which is encrypted (Kidnapped) and ransom is demanded to decrypt the data. The ransom payment may guarantee the return of kidnapped person. But it is more dangerous in the cyber world. One might get decryption key post paying Ransom but the attacker might decide to sell the data in dark web a few months later. As per CERT-IN report, there is approx. 51 percent hike in ransomware attacks in the first 6 months of 2022 in comparison to the previous year and it is ever-increasing. We had a couple of companies that approached us recently both were planning for their IPOs and were under Ransomware attack.
In one of the case, all the servers were encrypted and entire operation was severely impacted. They hired us to help them get out of this entire incident. It took couple of days and they were required to even get the insurance company into play to get this issue resolved. In addition, the government recognizes the fact that human negligence and lack of awareness amongst employees are the prominent causes of cybercrimes in the country. To address this issue, the Cyber Jagrukta Divas initiative was launched by the Ministry of Home Affairs (MHA). Cyber Jagrukta Divas is a government initiative that has been brought under the Indian Cyber Crime Coordination CENTRE (I4C) scheme to raise cybersecurity awareness among public sector undertakings (PSUs), panchayati raj institutions (PRIs), universities, schools, etc. The exact guidelines relayed by the Home Ministry are that the above-mentioned institutions must carry out an awareness campaign on the first Wednesday of each month for at least an hour.
The MHA has asked the offices and branches of all the states and union territories to observe Cyber Jagrukta Divas and prepare a comprehensive “Annual Action Plan” that will act as a nodal guideline for year-round awareness campaigns. The Cyber Jagrukta Divas initiative will be administered by the MHA under the purview of the I4C scheme. As far as J&K (UT) is concerned, where Government officials launches new on-line portals on each passing day for effective monitoring and delivery of public resources. On seeing the apprehension of cyber threats in recent global scenario, the Lt Governor of J&K(UT), Manoj Sinha, launched the digital J&K vision document and J&K cyber security policy, in the recently held two-day National Conference on e-governance at SMVDU-Katra. “The launch of digital J&K vision document and J&K cyber security policy will promote a common approach to use the power of innovation and secure the IT assets in rapidly changing technology landscape. Although much have been done in this regard, but Indian cybersecurity ecosystem still needs to be revamped further, by introducing more stringent laws and regulation for ensuring users data privacy and confidentiality. In this regard, the Government of India should make it a mission and organize week long awareness campaign on the pattern of pulse polio abhiyan about cyber menace and its preventive measures through various NGOs and cyber warriors, which may voluntarily sensitize the masses about cyber security. The author of this article who itself being a cyber passionate urges the state and national governments to recruit more and more cyber security experts in every government as well as public enterprises, who on the basis of their expertise skills can contribute a lot to thwart any such cyber attacks which may likely to be happen in future.
(The author is Sr. Faculty (GCET Jammu)