Repeated cyber attacks ominous for a post-demonetisation India
Development of home-grown technology and indigenous security solutions are imperative for a safer digital landscapeeditorials Updated: Jun 12, 2017 16:21 IST
Our digital terrain is increasingly under attack. First came ‘WannaCry’, a ransomware that locked up lakhs of computers spread over 150 countries demanding that the victims pay $ 300 or more to get their data back. Within days, this incursion was followed by ‘Fireball’, a malware that could turn web browsers into zombies, and cause victims additional damages ranging from the theft, spying and manipulation of their data, to download of dangerous files onto their computers.
Fireball, probably the largest cyber attack ever, is estimated to have hit more than 250 million computers worldwide, with over 25 million of them in India. Notably, both the attacks are linked to Chinese cyber criminals. The same period also saw a major security breach, where an unidentified hacker stole the data of more than 17 million users from the food delivery startup - Zomato. This string of high-profile attacks, all within the last four weeks, is ominous for a post-demonetisation India trying to transform itself into a digital economy.
The Internet of Things (IoT) is expected to be one of the pillars of our modern-day digital-industrial economy. Every physical device, from our phones and household appliances, to sensors and vehicles, to large-scale infrastructure systems including nuclear plants, already have their control and monitoring procedures digitised, and connected to the internet. This amalgamation of the physical and digital worlds undoubtedly creates massive benefits in efficiency and economics. However, It also creates an opportunity, for anyone from petty thieves to rival nations, to remotely access these systems.
The Indian Government had created a nodal agency, Computer Emergency Response Team (CERT) under the DIT, and a National Technical Research Organisation (NTRO) under the NSA, as early as in 2004. Even afterwards, some of our most sensitive departments from the PMO, MHA and MoD, besides the PCs of several senior officials have been subjected to repetitive digital infiltration attempts, from groups such as Dantis Network, a Chinese espionage group, confirmed a 2016 report by Russian security firm, Kaspersky.
A growing understanding of the havoc that could be caused by these breaches prompted the drafting of a national cyber security policy in 2013, and the appointment of a national cyber security coordinator in 2014. Earlier this year, our Integrated Defence Staff (IDS) also announced the creation of a special unit for cyber warfare.
Cyber warfare is highly asymmetric, where the perpetrator could sit in any location across the globe, and target individuals or organisations, and military or civilian systems, without any prior warning. Cyber threat awareness campaigns, along with regular updates and installations of security solutions, would mitigate the assault effectiveness. WannaCry only affected computers running on a previous version of Windows operating system, those without the latest security patch.
A large proportion of technology components in our critical sectors like communications, energy, banking and defence are imports, a worrying scenario during this turbulent era of unstable geopolitical alignments. Development of homegrown technology across sectors, along with complementary indigenous security solutions is also imperative for a safer digital landscape.
Anil Antony is a venture architect, technology evangelist and a social entrepreneur.
The views expressed are personal