India Insights with Geetha Nandikotkur

Audit , Governance

How to Tackle the Growth of Cybercrime

Home Minister Singh Warns of Risks of International Cyberattacks
How to Tackle the Growth of Cybercrime
Union Home Minister, Rajnath Singh

Union Home Minister Rajnath Singh says India is increasingly susceptible to international cyberattacks, and new barriers must be created. He also asks cybersecurity experts to be alert to online radicalization.

For Digital India to succeed, he says, ensuring cybersecurity is critical. It is much harder to identify or locate criminals committing crime via the internet, as they are masked, just like terrorists. In this inter-connected world, the criminals are different, but their objective is one -- to endanger the country and its citizens.

The government machinery seems to be taking baby steps toward a cybersecure ecosystem. 

Singh observes that the cyber world is the next dimension of security after air, water and space. Cybercrime is in a different league, as it is multi-layered, multi-locational, multi-lingual, throwing up the most critical challenges.

While the home ministry is working at a strategy to address these challenges, India's cybersecurity co-ordination centre appointed by the PMO is seeking industry support in preventing India's critical infrastructure system from collapsing.

"It is always a team effort implementing any strategy to combat cybercrime or ensuring a cybercrime-free environment, given that India, with a fast growing economy, is susceptible to international and domestic cyber-attacks," Singh says.

India's Top Threat

The biggest current challenge is the rise of cybercrime complaints, which were up by 79 percent in the past year, an average of 10,709 complaints per month. The primary task is to improve defenses and reduce complaints. The reason, says communications and IT minister Ravi Shankar Prasad, is the proliferation of information technology and increasing cybersecurity violations.

In 2013, according to CERT-In, 71,780 incidents were reported from January-September, compared with the 96,383 reported during the same period this year.

Also, according to National Crime Records Bureau, during September 2014 alone, about 14,150 sites were hacked. This year so far has witnessed more targeted cybercrime cases, offering warning signals to authorities to take preventive measures and prompted the ministry to form a cybercrime expert panel to study the adversities.

A reason cited for the rise in attacks is the acute shortage of skilled cybersecurity professionals to mitigate threats. Another is that India's national cybersecurity policy is restricted to being merely a draft paper; its implementation has been tardy.

Expert Recommendations and Reality

Recommendations from the expert committee stand testimony to the government's seriousness.

The expert study group includes Dr. Gulshan Rai, National Cyber Security Coordinator; Professor N. Balakrishnan, Indian Institute of Science, Bangalore; Dr. Rajat Moona, Director General, Center for Development of Advanced Computing (CDAC), Pune; Shri B.J. Srinath, Director General Cert-In; Dr. Manindra Aggarwal, Professor Computer Science, IIT Kanpur; Dr D. Das, Professor IIIT Bangalore; and Shri Kumar Alok, Joint Secretary (Centre State).

Some recommendations include:

  • Setting up a Cyber Crime Co-ordination Centre at the national level, having branches across all states with an investment of $85 million, increasing by 40 percent annually;
  • ICCCC partnering with Crime and Criminal Tracking Network & Systems and National Intelligence Grid to access databases that have information related to crime and criminals;
  • Advance application of social media analytics to monitor social media platform activities related to Ministries of Home, External Affairs, Defence and other government organizations;
  • Capacity building and cyber education for parents;
  • Close monitoring of online shopping and social networking websites;
  • Reduced dependency on foreign servers and ensuring one dedicated secure gateway for all government communication

How will the ministry implement the recommendations, given the complex nature and volume of cybercrime?

Delhi-based Dr. Triveni Singh, additional superintendent of police, Special Task Force, UP Police, cautions: "With a systematic approach to develop talent around monitoring cyberspace, creating cyber informers who can send alerts to various departments and help them take legal action is a must."

Reducing Cybercrime-Ideal Plan of Action?

Industry still hasn't received any update on the home ministry's plan of action, nor on CERT-In's work on its empaneled 45 security auditors to carry out a security audit of the IT infrastructure of government, public and private sector organizations.

The security industry thinks the government must have a stringent timeline to implement its plans, lest criminals take over and disrupt harmony.

What I understand from recent interactions with Dr. Gulshan Rai, India's cybersecurity co-ordinator handpicked by the PMO, is the cybersecurity complexity can only be resolved with a multi-stakeholder approach with the industry participating in building the wherewithal for a cybersecure ecosystem.

The government machinery seems to be taking baby steps toward a cybersecure ecosystem.

The Maharashtra government has sanctioned an outlay of $3 million this year toward setting up cybercrime and forensic labs in each district.

The state plans to set up:

  • Basic cybercrime investigation capabilities at police stations across Maharashtra;
  • Advanced cyber cells at district level and commission;
  • State-of-the-art cyber forensic labs and investigation labs in major cities.

Also participating is the National cybersecurity task force, formed by Nasscom and DSCI, striking the chord with the government to evolve a realistic roadmap.

Every security practitioner, whether from legal enforcement groups, the CISO fraternity, cyber experts, fraud and compliance groups or forensic groups, is keen to track the progress.

Brijesh Singh, CISO for Maharashtra and IG of CID says, "To streamline the process, the government has mandated every enterprise to appoint a CISO to bring in security measures necessary to help the law enforcement group understand data privacy and risk challenges."

In my opinion, the government must take a holistic approach to address this issue. What is lacking currently is a clear communication conduit between the government, private sector and the industry bodies.

Each department is functioning and building its own strategy in isolation to combat cybercrime, while this is a national issue. There is no mechanism to bridge this gap. It is imperative for the Cybersecurity Task Force to bridge this gap by working on blue print with the roles and responsibilities of each entity clearly spelt out along with clear modus operandi of each department's approach towards tackling cybercrime.



About the Author

Geetha Nandikotkur

Geetha Nandikotkur

Managing Editor, Asia & the Middle East, ISMG

Nandikotkur is an award-winning journalist with over 20 years' experience in newspapers, audio-visual media, magazines and research. She has an understanding of technology and business journalism, and has moderated several roundtables and conferences, in addition to leading mentoring programs for the IT community. Prior to joining ISMG, Nandikotkur worked for 9.9 Media as a Group Editor for CIO & Leader, IT Next and CSO Forum.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.in, you agree to our use of cookies.