It is indeed not only a current fact but also an unavoidable need that no country or economy can survive and progress without having a resilient and robust digital infrastructure as a backbone to support its ecommerce, health, education, agriculture, manufacturing and all service sectors. However more a country has the exposure to digitalisation, more commensurate risk is manifested by virtue of a spurt in probability of cyber and hacking attacks as vulnerabilities or point of intrusion (PoI) multiplies. It is also reported in a study carried out by Huawei that artificial intelligence (AI) could almost double the value of global digital economy to $23 trillion by 2025 from $12.9 trillion in 2017. However, the worldwide scarcity of AI talent is a challenge and threat to this growth. So, a strong cyber security defence for digital infrastructure is a top priority for each country.
Latest updates & serious incidents
- One of the reports in the Washington Post stated that Chinese government hackers have stolen highly-sensitive ‘top secret category’ files on underwater warfare. The files include the data that pertains to a supersonic anti-ship missile meant for the use on US submarines. Though the Chinese Embassy in the US has denied any such incident, it is reported that hackers targeted a contractor who works for the Naval Undersea Warfare Centre, a military entity based in Newport, Rhode Island. As reported, it was related to the project called ‘Sea Dragon.’ So, it is one of the most serious incidents of hacking so far as it has a potential that could bring two countries at loggerheads against each other with serious consequences. One can look at this incident as to what kind of pursuits/ measures shall be taken forward in times to come.
- People all over the world and now even in India are chugging data like never before. In just last three years, the use of data in India has increased fifteen times. It stood at 4GB per capita on 31 December 2017 which within a year rose to 5.5GB per capita by December 2018. Data has become cheaper and faster. India provides data globally at the cheapest rate and its expansion is fastest. Cyber threats have also increased in the same proportion as hackers do spend energy and resources to remain ahead to the counterparts who design improved defence processes and technologies to counter.
- About 500 million Indians were online in 2017 and the rate is growing exponentially. The Indian annual growth rate is about four times of the global average which is just 3%, even though India is still considerably underpenetrated compared to China and USA. Half of these online Indians usually make use of social media platforms while about 40% use e-mail and search. It is expected that e-commerce business in India shall become nearly $130-140 billion by the end of 2020. Indian digital economy itself is expected to be about $1 trillion by 2024, and hence, this volume of business shall also be at risk caused by cybercrimes and hacking attacks.
- In a sensational case, CBI booked unknown officials of the National Stock Exchange (NSE), Securities Exchange Board of India (SEBI), the promoter of a stock-trading company OPG Securities, and an economist and former consultant in the finance ministry for manipulating NSE software to get prior access to the markets after opening, ahead of other brokers by some seconds, to make gains in trade. It is just to make out how serious such incidents could be as it offers serious challenges to a market place globally that deals in trillions of dollars every day.
- The researchers have discovered a way to crash a person’s desktop or laptop simply by playing a sound through the device’s speakers. Such techniques could disrupt surveillance systems and sabotage medical devices. It has been published by a US and a Chinese university with details of their findings in a paper titled ‘Blue Note: How International Acoustic Interference Damages Availability and Integrity in Hard Disk Drives and Operating Systems.’ This discovery is the latest in a long line of methods available to attackers to crash devices remotely, which include symbols and messages sent by a text message or other messaging apps.
- There is a new crypto-jacking cyber warfare where the injected malware infiltrates target’s systems and converts computers into zombies. In doing so the primary intention of hackers is not to steal information but to mine crypto currencies. It was used against nearly 2000 computers of Aditya Birla Group. One of the symptoms noticed during the attack was of slowing down of the machines. The digital currency that was mined in this attack was Monero. This currency is virtually untraceable and believed to be more anonymous than Bitcoin, the best known crypto currency which experienced huge volatility amid regulatory crackdowns and strong interest from wealthy investors who chose to diversify beyond conventional securities and central bank-backed dominant fiat currencies like dollar and euro.
- A team of Dutch security researchers recently unveiled some new findings regarding ‘Rowhammer,’ an unintended side effect in DRAM chips that can be used to tamper with an entire computer which could be an effective way to hijack any smart phone. Though Google says that it is still a theoretical concept and not yet used in any attack but it is for sure that the smart phone manufacturers have to use a permanent fix for the same while incorporating them in designs.
- It is also a fact that the first native blockchain mobile phone by the HTC has been unveiled as HTC-Exodus. The Android powered Exodus device features a universal wallet and hardware support for all major crypto currencies like Bitcoin and Ethereum, and decentralized apps. So, one more new challenge is on the horizon.
- Though GDPR has been put in place by EU and Justice Krishna’s report on data protection in India is out but there is a lot that needs to be taken care of, and such laws are to be constantly improved and updated keeping pace with the developments in order to remain in safe environment in this digital world. The dark net brings huge amount of challenges as it has become a source of inspiration to many for making quick bucks. A disgruntle senior programmer from an Israeli Spyware developing company was caught recently after he stole its malware, and tried to sell it on the dark net as he got lured by an opportunity to make money the fastest way. It provides a host of new threats to the security of the nation and its establishments. So, India needs to bring in and develop a huge indigenous R&D infrastructure in the quickest time span in order to address the emerging challenges of cyber security threats.
- The Department of Telecommunication, Government of India has unveiled the National Digital Communications Policy, 2018 which aims to attract investments worth $100 billion by 2020 in the sector, so that it can contribute 8% to the GDP. The IT Minister says that India shall have a $1 trillion Digital India worth by 2025. The GoI has also plans to digitally connect each house in villages, and public institutions such as post offices, police stations and schools. There are plans to connect 2.5 lakh villages by March 2021 as 1.25 lakh have already been connected through Bharat Net. There are also plans to create 10,000 Wi-Fi hot spots by the year end and it shall provide an opportunity to a new stream of public data offices (PDOs) providers. So, there are ambitious plans by the GoI in times ahead and India has 400% increase in the mobile net connectivity in past two years which is unprecedented in the world. This needs commensurate efforts towards creation of cyber defence for India with a strong R&D infrastructure. There are so many new tools of business intelligence for data analytics, and some of them have inbuilt provisions whereby data of an organisation or a bank or any other GoI offices could be compromised. The integrated security solutions backed by state-of-the-art centralized command & control centres for 100 smart cities mission of India also has huge responsibility to lay fibre optic cable based infrastructure for the connectivity and IoT.
- Indian public cloud services revenue was projected to grow 37.5% in 2018 to $2.5 billion, up from $1.8 billion in 2017, and it surpassed the target. The growing segment is ‘Infrastructure-as-a-Service (IaaS).’ The Business Process-as-a-Service (BPaaS), Platform-asa-Service (PaaS), Software-as-a-Service (SaaS), cloud management and security services are already contributing to the digital spread underway in India. It is indeed a fact that India does not have a befitting cyber security infrastructure as of now and a lot needs to be done in that direction, not only by the GoI but by the cyber security providers as well. Physical and electronic security providers have to venture into it as there is a need to have seamless security solutions as offerings to consumers to meet such challenges.
The popularity of virtual currencies has grown, and hackers are focusing on a new type of heists i.e., putting malicious software on people’s handsets, PCs, TVs and smart fridges, and other smart gadgets that make them mine for digital money. Crypto-jacking has become a growing problem in the cyber security industry, affecting both consumers and organisations. It has been noticed that the electricity bills of some companies grew in thousands of dollars as their systems were used for mining crypto currencies. Hackers try to use victims’ processing power because that is what’s needed to create or mine virtual currencies. In virtual currency mining, computers are used to make the complex calculations that verify a running ledger of all transactions in virtual currencies around the world. There were about 1,46,704 such incidents in September 2017 and that grew to about 22.4 million in December 2017.
So, one can make out what speed cybersecurity challenges are increasing day by day. We need to think as security providers in India how best we can run this race and meet such challenges? As of now the homeland security industry in India is lacking not only in efforts but also in will to take on such challenges. Skills are scarce and there are no plans to either acquire or upgrade at a scale needed. No one wants to take the onus. It is a fact that internet users will beat TV globally by next year. An average person spends about eight hours a day on its use i.e., about 479 minutes, and close to 3,000 hours by this year end. It shall touch to nearly 492 minutes a day in 2020. The growth in India is no different as Indian population love technology upgrades and their favourite toy as on date is mobile handset with fastest internet services on it. But they ignore security features and we in the industry forget to ensure safety against cyber and hacking attacks.
There was a time when people came to India because business was lucrative, the land was lush, the rulers were liberal about expats and the standard of living was good. India is going to provide all these shortly but with additional free field to cyber crimes and hacking attacks if adequate measures are not put in place against cyber crimes and hacking attacks on its digital infrastructure. There is a need that India brings an India International Institute of Excellence in Cyber Security Defence at a suitable central place at New Delhi at the earliest.