Showing posts with label Critical Infrastructure Protection In India. Show all posts
Showing posts with label Critical Infrastructure Protection In India. Show all posts

Monday, November 21, 2011

Are Indian Satellites Safe From Cyber Attacks?

Cyber attacks and cyber espionage by one nation against another are very common these days. Though nations are attacking one another through cyber intrusions yet none of them come forward to accept the same. Whether we like it or not but cyber attacks and cyber espionage would continue to be used by various nations against each other.

This process is a part of traditional strategic information gathering by defence forces, intelligence agencies, etc. For instance, the systems and techniques capable of destroying an adversary’s satellites have been a major focus of arm race in outer space. With the active use of Internet, the same process has taken a shape of cyber espionage and cyber attacks.

Naturally, we must focus upon a robust and effective cyber security in India. For instance, Indian preventive and offensive capabilities against cyber warfare must be developed to ward off growing incidences of cyber espionage and cyber attacks against India.

Indian critical infrastructure if frequently targeted by cyber attacks. Malware like Stuxnet and Duqu are increasingly found in the computers managing the critical infrastructure of India. In fact some believe that Stuxnet was also responsible for the destruction of an Indian broadcasting satellite. Cyber security of Indian satellites is a natural choice in these circumstances.

The Indian government must deliberate upon cyber threats like cyber espionage and cyber warfare that are increasingly targeting strategic computers and facilities. With growing interest in cyber security, this may be achieved within few years in India.

Wednesday, October 5, 2011

Cyber Warfare Against India

Cyber warfare is a concept that is still haunting the international community. The situation is so serious that north atlantic treaty organisation (NATO) has sought stronger cooperation with India to counter growing cyber threats.

Cyber warfare is still a murky area as different countries deal with cyber attacks and cyber warfare attacks differently. While countries like US are considering it as an act of aggression on the footing of war yet other countries are taking divergent views. However, all countries are willing to use every possible cyber capabilities as preventive and curative cyber methods.

Till United Nations (UN) steps in and enacts “universally acceptable” international cyber law treaty and international cyber security treaty, this problem would remain murky and difficult to resolve. Further, nothing can benefit more than an international cyber security cooperation that is urgently required.

The incidences of cyber attacks, cyber terrorism, cyber espionage, cyber warfare, etc are increasing against India. However, in the absence of India’s national cyber security policy, cyber security in India is a neglected field. We must urgently develop cyber warfare capabilities in India to thwart growing cyber attacks against India. Further, we must also formulate a cyber warfare policy in India that is presently missing.

Cyber warfare is also the reason why we need to ensure critical infrastructure protection in India and critical ICT infrastructure protection in India. In fact the growing cyber attacks are affecting Indian critical infrastructure. Thus, cyber security capabilities through techno legal cyber security trainings in India must be strengthened. We must stress upon cyber security skills development in India.

The situation is equivalent to a wake up call and Indian government must take urgent steps to strengthen Indian cyber security. The sooner it is adopted the better it would be for a safe and secure cyberspace of India.

Monday, September 26, 2011

Cyber Attacks Are Affecting Indian Critical Infrastructure

These days information and communication technology (ICT) has become an indispensable part of our day to day life. Many critical infrastructures have now been connected with ICT in one form or another.

This is the reason why we need to ensure critical infrastructure protection in India and critical ICT infrastructure protection in India. We also need to strengthen the cyber security of India and the best way to do so is to formulate the national cyber security policy of India.

Cyber attacks and cyber threat are increasing against India. However, cyber security in India is not up to the mark and is ailing badly. There are many factors for the poor performance of Indian cyber security and lack of adequate expertise is one of them.

Whether it is strategic government department’s computers or critical infrastructure, all of them are under constant cyber attack risks. Take the example of the recent cyber security incidence that has affected the Indira Gandhi International Airport (IGIA) security systems.

Three months ago, a ‘technical snag’ had hit operations at the state-of-the-art T3 terminal at IGIA. It now turns out it was caused by a “malicious code” sent from a remote location to breach the security at the airport.

A hunt has been launched to nab the perpetrator with the CBI registering a case under the IT Act and IPC. Investigators say that the “malicious code” was in the form of “attack scripts”, which means a programme was written by an expert to exploit the system’s security weakness.

While the efforts of CBI is praiseworthy yet when it comes to timely and appropriate actions, CBI does not score well. For instance, the case of CBI’s website defacement has not been investigated in the manner it was required. Cyber crimes investigations in India need to be improved to make effective investigation and get desired results.

In the present case of IGIA as well the news of the cyber attack has come after three months and this has weakened the case to a great extent. We need timely detection and effective cyber crime investigation capabilities in India to deal with cyber attacks and cyber crimes. Indian government must conduct effective trainings and courses for cyber crimes investigations in India.

Coming to the present case, the check-in counters, transfers counters and boarding gates at the IGI are operated using the Common Use Passengers Processing System (CUPPS), maintained by Aeronautical Radio Incorporated (ARINC). The CUPPS operates on a common software-and-hardware platform that integrates all information such as an airline’s reservation system, the expected time of departure and the capacity at waiting lounges. The problem in CUPPS started at 2.30 am on June 29 due to which check-in counters of all airlines at T3 became non-operational.

“This forced the airlines to opt for manual check-in and as a result passengers had to wait. There are around 172 CUPPS counters and only a third were functioning online,” said an official. The investigation revealed that someone had hacked into the main server of the CUPPS and introduced a virus.

It took nearly 12 hours to restore the system. The CBI was also called in as officials suspected it was a security breach. “We found that there were serious security lapses,” said a CBI official.

The agency had also asked for details of records of CUPPS and staff handling the system. “Once we receive the details, it will be analysed to see if any official is involved. It appears that someone sitting at a remote location had operated the system. We have registered a case under the IT Act and other relevant section of the IPC,” added the CBI official.

Indian critical infrastructures are under strong cyber attacks and we need to take this seriously. In cyber crimes and cyber attacks cases taking months to investigate them means loosing the case. We have to develop real time cyber security capabilities in India to avoid such failures.

Sunday, April 4, 2010

Techno-Legal Online Cyber Security Research, Training And Educational Centre of India

Cyber security management is a tough task especially if it is techno-legal in nature. In that case one has to manage not only the technical aspects but also the legal aspects. Perry4Law is the leading Techno-legal ICT law firm of World. It has many techno-legal segments like Perry4Law Techno-Legal Base (PTLB), Perry4Law Techno-Legal ICT Training Centre (PTLITC), etc. Perry4Law is also running various online techno-legal research, training and educational centre in India. Techno-Legal Cyber Security Research, Training and Educational Centre is one of them.

Cyber security in India is not in a good shape. India is on the verge of a technology revolution and the driving force behind the same is the acceptance and adoption of Information and Communication Technology (ICT) and its benefits. This technology revolution may, however, fail to bring the desired and much needed result if we do not adopt a sound and country oriented e-governance policy. A sound e-governance policy presupposes the existence of a sound and secure e-governance base as well. The security and safety of various ICT platforms and projects in India must be considered on a priority basis before any e-governance base is made fully functional. This presupposes the adoption and use of security measures more particularly empowering judiciary and law enforcement manpower with the knowledge and use of cyber forensics and digital evidencing, says India’s leading techno-legal expert Praveen Dalal.

India cannot achieve a good cyber security till it takes care of both technical as well as legal aspects of cyber security. There is no doubt about the proposition that Indian Parliament is not technology sound and we need to empower it through ICT. At the same time we must also train the governmental officials holding key positions in crucial ministries and departments about basic technology, cyber law and cyber security. These individuals must be trained suitably so that cyber security of crucial systems may not be compromised.

Cyber security is very important to protect businesses, governments and general public at large. The same must be a part of the national policy of a nation. Another crucial aspect related to a secure and strong cyber security in India pertains to critical ICT infrastructure protection in India. Critical infrastructure is becoming increasingly dependent upon ICT these days. If we are unable to secure an ICT system we are also risking critical ICT infrastructure as well.

On the one hand India has a weak and criminal friendly cyber law whereas on the other hand it does not possess tech-savvy law enforcement machinery. Even lawyers and judges are not that much aware about the nitty-gritty of cyber laws. It is high time for India to take some serious steps towards not only making the cyber law of India stronger but also to streamline cyber security of India.

AUTHOR: RAM K KAUSHIK

SOURCE:
GROUND REPORT