Magazine

English Hindi

Index

Prelims Capsule

Defence & Security

How vulnerable is the Internet?

How vulnerable is the Internet?

Relevance

  • GS 3 || Security || Internal Security Threats || Cyber Security

Why in news?

  • The Fastly internet outage raises questions about how vulnerable the global internet is to more serious disruption. Fastly, blamed a configuration error in its technology.
  • Fastly’s traffic dropped 75% for about an hour just as the US East Coast was beginning to stir raises questions about how vulnerable the global internet is to more serious disruption.

Vulnerability of internet

  • A weakness of an asset or group of assets that can be exploited by one or more threats
    • where an asset is anything that has value to the organization, its business operations and their continuity, including information resources that support the organization’s mission.
  • In the world of cybersecurity, vulnerabilities are unintended flaws found in software programs or operating systems.
  • Vulnerabilities can be the result of improper computer or security configurations and programming errors. If left unaddressed, vulnerabilities create security holes that cybercriminals can exploit.

Cyberattacks

  • The Mahdi Trojan seemed to have spread via phishing emails even though its purpose was also apparently espionage. Infections were reported from Iran, Israel, Afghanistan, the United Arab Emirates, Saudi Arabia, Syria, Lebanon and Egypt.
  • The Duqu worm was discovered in September 2011, followed in quick succession by the Mahdi, Gauss and Flame malware.
    • Flame, Duqu and Gauss shared similar digital DNA with Stuxnet with primary purpose seemed to be espionage (spying), with their targets ranging from banking to government to energy networks.
  • Wiper, a new virus was reported in April 2012 that was much more malicious and wiped off the data on all computers that it infected. This virus largely affected networks in Iran.
  • The Shamoon virus is reported to have wiped off the data from 30,000 computers of the Saudi Arabian state oil company, Aramco, followed a week later by a similar episode on the networks of the second-largest LNG company in the world, Ras Gas of Qatar.
  • Google – in 2009, the Chinese hackers breached Google’s corporate servers gained access to a database containing classified information about suspected spies, agents, and terrorists under surveillance by the US government.
  • eBay reported that an attack exposed its entire account list of 145 million users in May 2014, including names, addresses, dates of birth and encrypted passwords.
  • Yahoo was in the middle of being acquired by Verizon in 2017 when it disclosed it had discovered three data breaches in 2013 and 2014 that affected over one billion users.

Recent cyber attacks

  • The world is a risky place and it is getting riskier, the foundations of the post-Cold War, post-Berlin Wall global system have weakened.
  • Leaders are not doing enough to arrest the dangers of global warming and the “global commons” remains unmanaged.
  • Many governments have spent substantial sums of money building not only defences against attack but also the ability to launch damaging cyber warfare offensives. The United States is one of them.
  • The United States, China, Russia, Israel, and the United Kingdom are regarded to have the most sophisticated cyber warfare capabilities.
  • Red Echo
    • There has been a steep rise in the use of resources like malware by a Chinese group called Red Echo to target “a large swathe” of India’s power sector.
    • Red Echo used malware called ShadowPad,which involves the use of a backdoor to access servers.
  • Solarwinds
    • In 2020 Cyberattack on the US government and private companies in the USA sponsored by Russia. It was termed
    • It involved data breaches across several wings of the U.S. government, including defence, energy and state.
    • SolarWinds hack impacted national critical infrastructure in the USA.
  • Hafnium
    • A Chinese group Hafnium attacked Microsoft’s software gaining remote control over affected systems.
  • Ransomware attack on colonial pipeline company – paid out several million dollars as ransom.
  • Nobellium
    • Russia-backed group,Nobellium, next launched a phishing attack on 3,000 e-mail accounts, targeting USAID
  • A Chinese hacker group known as Stone Panda had “identified gaps and vulnerabilities in the IT infrastructure and supply chain software of Bharat Biotech and the Serum Institute of India.
  • World Health Organization – in March 2020, hackers leaked information on login credentials from the staff members at WHO.
    • In response to cyberattacks, they stated that “Ensuring the security of health information for the Member States and the privacy of users interacting with us a priority for WHO at all times, but also particularly during the COVID-19 pandemic.

Reason for the vulnerable cyber systems

  • Various telecom giants are using telecom products that are manufactured in china.
  • Lack of importance given by the government and private sectors in appointing cybersecurity professionals.
  • No proper understanding of cyberspace.
  • No ridged bilateral policies on cyber-attacks.
  • No Stronger framework to trace or punish the offenders.

Need for Cybersecurity

  • Be safe from dangers
    • To ensure critical infrastructure system does not collapse under any situation, there has arisen a need for tight cybersecurity.
    • The purpose and concern of cyber security are to keep cyberspace safe from dangers.
  • Every sphere is under threat
    • Cyber is no longer only about security; it’s also about socioeconomics, which encompasses politics, industry, health, education, and essential infrastructure.
    • As a result, cybersecurity and safety has become a critical concern.
  • Growing digitization is also a concern
    • Growing Because of the tremendous digitalisation drive in India, cybersecurity spending is fast increasing.
    • India has become “one of the favourite countries for cyber crooks” as the Internet and smartphones have become more widely used.
    • The recent ransomware assaults have increased the importance of these expenditures.
    • Demand for cybersecurity talent has risen as a result of demonetisation and the government’s push for Digital India.

Why is data being targeted?

  • Motivation behind
    • The motivation of cyber attacks for (some) nation-states, the motivation is geopolitical transformation; for cybercriminals, it is increased profits; for terror groups, the motivation remains much the same.
  • Vulnerability of data – Data is becoming the world’s most precious commodity, attacks on data and data systems are bound to intensify.
    • The data life cycle data at rest (when it is being created and – stored) – data in motion (when it is being transmitted across insecure and uncontrolled networks) and data in use (when it is being consumed). Exposure of data at all these levels is intensifying the risk.
  • Health Care data – Cybercriminals are increasingly targeting a nation’s healthcare system and trying to gain access to patients’ data. The available data aggravates the risk not only to the individual but also to entire communities.

Changing nature of cyber attacks

  • Most nations have been concentrating to date mainly on erecting cyber defences to protect military and strategic targets.
  • They are preparing defences against software vulnerabilities referred to as ‘Zero-day’.However such zero-day vulnerabilities could exist outside the military domain.
    • Zero-day vulnerabilities -Stuxnet is an example that crippled Iran’s uranium enrichment programme some years back.
    • It is a type of attack that exposes a vulnerability in the software and creates complicated problems well before anyone realizes something is wrong.
    • They could lie undetected for a longer time.

International Mechanisms

  • The International Telecommunication Union (ITU) is a specialised institution of the United Nations that plays a key role in telecommunications and cybersecurity standardisation and development.
  • The Budapest Convention on Cybercrime is an international treaty aimed at combating Internet and computer crime (cybercrime) by unifying national laws, strengthening investigative procedures, and enhancing international cooperation.
    • It went into effect on July 1, 2004.
    • This convention does not include India as a signatory.
  • The Internet Governance Forum (IGF) brings together all players in the Internet governance discussion, including government, commercial sector, and civil society.
    • It was initially held in October and November in 2006.
  • The Internet Corporation for Assigned Names and Numbers (ICANN) is a non-profit organisation tasked with coordinating the upkeep and operations of many databases connected to the Internet’s namespaces and numerical spaces, assuring the network’s stability and security.
    • Its headquarters are in Los Angeles, California, United States of America.
  • RSA Conference
    • The RSA Conference is a series of IT security conferences.
    • Approximately 45,000 people attend one of the conferences each year. It was founded in 1991 as a small cryptography conference.
    • RSA conferences take place in the United States, Europe, Asia, and the United Arab Emirates each year. T
    • The conference also hosts educational, professional networking, and awards programs.
  • Tallinn Manual 
    • The Tallinn Manual (originally entitled, Tallinn Manual on the International Law Applicable to Cyber Warfare) is an academic, non-binding study on how international law applies to cyber conflicts and cyber warfare.

Steps taken by the Government to spread awareness about cybercrimes

  • Online cybercrime reporting portal
    • Complainants can now register complaints about child pornography/child sexual abuse material, rape/gang rape imageries, or sexually explicit materials using an online cybercrime reporting system.
  • The Indian Cyber Crime Coordination Centre (I4C) has been developed as part of a programme to deal with cybercrime issues in India in a comprehensive and coordinated manner.
  • CERT-In (Computer Emergency Response Team – India)
  • All organisations and enterprises that provide digital services are required to report cybersecurity issues to CERT-In
    • It is an organisation of the Ministry of Electronics and Information Technology, Government of India, with the objective of securing Indian cyberspace. It is the nodal agency which deals with cybersecurity threats like hacking and phishing.
  • Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre) to detect dangerous programmes and provide free tools to eradicate them.
  • To combat cyber attacks and cyber terrorism, a crisis management plan is being developed.
  • The National Critical Information Infrastructure Protection Centre (NCIIPC) was established to secure the country’s critical information infrastructure.

Way forward

  • Proactive measures
    • India is the second-fastest digital adapter among 17 of the world’s most digital economies, and growing digitisation necessitates proactive cybersecurity measures.
    • New technologies such as artificial intelligence, Machine learning and quantum computing are promising ones for cybersecurity.
    • Government officials, as well as businesses, need to be aware of the potential threat of cyber attacks.
  • Zero Trust-Based Environment-Cybersecurity professionals are now engaged in building a ‘Zero Trust-Based Environment’.
    • Zero Trust is a security concept centred on the belief that organizations should not automatically trust anything inside or outside their perimeters and instead must verify anything and everything trying to connect to its systems before granting access.
    • The strategy around Zero Trust boils down to don’t trust anyone.
  • Bridging security gaps
    • It is critical for businesses and government departments to identify and solve security gaps in their organisations, as well as to build a tiered security system in which security threat intelligence is shared between tiers.
  • Effective deterrence in cyberspace
    • Cyber deterrence can be envisaged on the lines of strategic deterrence to dissuade cyberattackers.
    • Need to acquire offensive capabilities for effective deterrence in cyberspace.
  • Greater Coordination
    • To establish operational coordination among numerous agencies and ministries, an apex entity is required.

Mains model question

  • Recent cybersecurity breaches have shown that, in addition to military and security sites, civilian and commercial businesses are growing vulnerable. Discuss the changing nature of cyber assaults and the methods required to deal with them in this context.

References