Rising Cyber Attacks in India

December 1, 2022

803

In News

Recently, the premier medical institute in the country, the All India Institute of Medical Sciences New Delhi (AIIMS) was crippled by a major cyberattack.

More about the news

Most of its servers stopped working as also the eHospital network managed by the National Informatics Centre (NIC).
AIIMS servers had the critical health data of several individuals at the helm of the country’s government.

More about the Cyberattacks

Definition:
- Cyberattacks are unwelcome attempts to steal, expose, alter, disable or destroy information through unauthorized access to computer systems.
- Typically such forms of attacks to keep networks from functioning after encrypting data, are carried out by ransomware-seeking entities and organisations are sent demands which are often negotiated and paid without informing law enforcement.
Cyberterrorism:
- Cyberterrorism is often defined as any premeditated, politically motivated attack against information systems, programs and data that threatens violence or results in violence.

Significance of Cyberattack on medical institutes:
- Cyber attacks on medical institutes are getting common and the pandemic has been a turning point.
- During the pandemic, hackers and criminal syndicates have realised the dependence of these institutes on digital systems to optimally manage medical functioning as well as store and handle large volumes of patient data, including their reports.
- It is a natural target for cyber attackers and ransom seekers because the data available here is very precious.
What are the reasons for increasing Cyberattacks?
- Increasing dependency on technology:
  - As we grow faster, more and more systems are being shifted to virtual space to promote access and ease of use.
  - However, the downside to this trend is the increased vulnerability of such systems to cyber-attacks.
- Asymmetric and covert warfare:
  - Unlike conventional warfare with loss of lives and eyeball-to-eyeball situations, cyber warfare is covert warfare with the scope of plausible deniability, i.e. the governments can deny their involvement even when they are caught.
  - Therefore, cyber warfare has increasingly become the chosen space for conflict between nations.

Challenges

Health not categorised as Critical information (CI) infrastructure:
- Most countries define the health and medical sector as critical information (CI) infrastructure.
- An organisation like AIIMS New Delhi could be counted as a “strategic and public enterprise”, health is not specified directly as a CI infrastructure.
Lack of skill set:
- Nearly two-thirds would find it challenging to respond to a cybersecurity incident due to the shortage of skills within their team.
- The survey found that 50% of all respondents would find it challenging to respond and recover from a cyberattack due to the shortage of skills within their team, and less than 25% of companies with 5,000 to 50,000 employees, have the people and skills they need today.
- The dearth of staff security positions is a major threat to business continuity and even to national defence.
Poor Prioritisation:
- The survey indicates that whereas about 85% of cyber leaders agree that cyber resilience is a business priority for their organization, one of their most prominent challenges is to gain decision-makers’ support when prioritising cyber risks, against a plurality of other risks.
- These discordant results indicate that highlighting cyber resilience as a business priority alone is necessary but insufficient.

Way ahead

Need of the national cyber security strategy:
- This incident is a wake-up call for organisations across sectors to shore up cyber security measures, it is also important to push and announce the national cyber security strategy.
- Cyber readiness:
  - That strategy will be a guiding document to motivate and monitor the preparedness of cyber readiness of institutes and also enhance capacity on many fronts including forensics, accurate attribution and cooperation.
Budgetary preference:
- Significant budgets have to be allocated by various ministries to ensure that cyber security measures don’t remain the last priority.
Capacity enhancement:
- The capacity enhancement for the National Critical Information Infrastructure Centre (NCIIPC) and CERTIn has to be undertaken to address the emerging sophisticated nature of threats and attacks and sectoral CERTs have to be set up for many areas including health.
International cooperation:
- International cooperation on countering cyber attacks has to gain more teeth beyond the Group of Governmental Experts (GGE) meetings and the US-led Counter Ransomware Initiative (CRI) of 37 countries and the European Union.

Major Government Initiatives for Cyber Security

CERT-In:
- It is an organisation of the Ministry of Electronics and Information Technology with the objective of securing Indian cyberspace.
Cyber Surakshit Bharat Initiative:
- It is an initiative from the Ministry of Electronics and Information Technology (MeitY) that aims at creating a robust cybersecurity ecosystem in India. This program was in association with the National e-Governance Division (NeGD).
National Critical Information Infrastructure Protection Centre:
- NCIIPC is a central government establishment, formed to protect critical information of our country, which has an enormous impact on national security, economic growth, or public healthcare.
Indian Cyber Crime Coordination Centre (I4C):
- The MHA launched this I4C Indian Cyber Crime Coordination Centre program to combat cybercrime in the country, through a coordinated and efficient method.
Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre):
- It is an installation under the Ministry of Electronics and Information Technology (MeitY).
Information Technology Act, 2000:
- IT Act of 2000 came into effect in India on 09 June 2000. IT Act states in its preamble that the purpose of the legislation is to provide legal recognition to electronic transactions.

Source: TH