Online data security: Addressing digital risks must be high priority
India’s Internet users will shoot up from 373 million in 2016 to 829 million in 2021. With the Narendra Modi government pushing digital governance to digital identities for citizens and the GST being implemented, protection of online data and transactions have emerged as immense challengesanalysis Updated: Jul 14, 2017 13:51 IST
On 10th July reports poured in of the biggest data breach ever in India. User data allegedly that of Reliance Jio customers was displayed on a website which was subsequently taken down. Customer details, such as name, date of activation, email addresses and mobile numbers could be found in the list. In some cases even the Aadhaar number was available, which set alarm bells ringing. Jio called the data unauthentic and assured its 120 million active subscribers of the highest security. It said it was investigating the “unverified and unsubstantiated claims of the website”.
In The New Digital Era, Google’s Eric Schmidt and Jared Cohen wrote: “Technology empowers all parties, and allows smaller actors to have outsized impacts. And those actors need not be known or official. To wit, we believe it’s possible that virtual states will be created and will shake up the online landscape of physical states in the future.”
Estimates suggest 3.5 billion people or almost half the world used Internet in 2016. Some 12 billion machine-to-machine devices are likely to be connected to the Internet by 2020.
According to Cisco, India’s Internet users will shoot up from 373 million in 2016 to 829 million (59% of population) in 2021. Networked devices in India are likely to increase from 1.4 billion in 2016 to nearly 2 billion in 2021.
With the Narendra Modi government pushing digital governance to digital identities for citizens and the GST being implemented, protection of private, official and classified online data and transactions have emerged as immense challenges.
The UN telecom agency, International Telecommunication Union (ITU), ranked India 23rd among its 193 member countries in its second Global Cybersecurity Index (GCI) released recently. The GCI measures commitments of countries to secure their cyber systems based on five key agendas: Legal, technical, organisational, capacity building and international cooperation.
Pawan Duggal, chairman of the International Commission on Cyber Security Laws, feels Digital India’s image has been left vulnerable with frequent UIDAI breaches, debit card forgeries, and cyber attacks from neighbouring state and non-state actors in the past few months.
“India has a National Cyber Security Policy of 2013, which is a paper tiger since it was not implemented. Unlike Germany and China, India has no cyber Act. You are trying to repair a leaking roof by applying bandaids,” said Duggal.
Tens of thousands of machines were left crippled on June 27, especially in the United States and Europe, following the ‘Petya’ attack from unknown sources on key installation systems, including the Jawaharlal Nehru Port Trust in Mumbai. In May, corporate India scrambled for protection as ‘Wannacry’ cyber attacks wreaked havoc upon some 200,000 organisations in some 150 countries. As per the ITU report, in 2016 one out of every 131 emails were malicious, the highest in five years. This is also a weapon of choice for cyber attacks for everyone from State-sponsored cyber espionage groups to mass mailing ransomware gangs.
Educational institutes are waking up to the growing demand for cyber security professionals beyond ethical hackers. The Delhi University plans to launch a masters programme in cyber security from its next academic session with prevention and mitigation as key elements. The IITs, NIT Kurukshetra and Gujarat Forensic Sciences University in Gandhinagar are few other institutions offering an MTech with cyber specialisations.
Amit Dasgupta, former diplomat and India country director at University of New South Wales, said, “This is one of the great challenges of the 21st century. You have to proliferate an army of cyber security experts, through structured courses beyond just public awareness programmes.”
In an increasingly interconnected online world, addressing digital risks must become high priority for the Indian government. Roles and duties of all stakeholders like the national cyber security coordinator, ministry of electronics and information technology, must be defined.
Importantly, e-initiatives must first ensure e-security.
Smita Sharma is a former journalist with India Today TV and Network 18
The views expressed are personal