Cyber Warfare

#11

Cyberwarfare is Internet-based fight involving personally/politically motivated attacks on information and information systems. Cyber Warfare attacks can disable official websites and networks, disrupt or disable essential services, steal or alter classified data, and crippled financial systems -- among many other possibilities.

Cyber warfare against India has always been confused with minor cyber breaches like websites defacements and cracking into e-mail accounts. India has also been very late in recognising the need for a robust cyber security. Even the national cyber security policy of India 2013 (NCSP 2013) was declared belatedly and it is still waiting for its implementation. India has no cyber warfare policy till date.

International legal issues of cyber attacks, cyber terrorism, cyber espionage, cyber warfare and cyber crimes in general and international legal issues of cyber attacks and Indian perspective in particular must be understood thoroughly by Indian government to fight against cyber warfare.

The Department of Information Technology created the Indian Computer Emergency Response Team (CERT-In) in 2004 to thwart cyber attacks in India. That year, there were 23 reported cyber security breaches. In 2011, there were 13,301. That year, the government created a new subdivision, the National Critical Information Infrastructure Protection Centre[page needed] (NCIIPC) to thwart attacks against energy, transport, banking, telecom, defence, space and other sensitive areas. However, there is no public face of NCIPC and some experts believe that NCIPC has failed to materialise and perform its job. It was also reported that National Technical Research Organisation (NTRO) would protect the critical ICT infrastructures of India. However, critical infrastructure protection in India has its own challenges (Pdf) that Indian government has not appreciated till now.

The Executive Director of the Nuclear Power Corporation of India (NPCIL) stated in February 2013 that his company alone was forced to block up to ten targeted attacks a day. CERT-In was left to protect less critical sectors.

A high-profile cyber attack on 12 July 2012 breached the email accounts of about 12,000 people, including those of officials from the Ministry of External Affairs, Ministry of Home Affairs, Defence Research and Development Organisation (DRDO), and the Indo-Tibetan Border Police (ITBP). A government-private sector plan being overseen by National Security Advisor (NSA) Shivshankar Menon began in October 2012, and intends to beef up India's cyber security capabilities in the light of a group of experts findings that India faces a 470,000 shortfall of such experts despite the country's reputation of being an IT and software powerhouse.

In February 2013, Information Technology Secretary J. Satyanarayana stated that the NCIIPC[page needed] was finalizing policies related to national cyber security that would focus on domestic security solutions, reducing exposure through foreign technology.Other steps include the isolation of various security agencies to ensure that a synchronised attack could not succeed on all fronts and the planned appointment of a National Cyber Security Coordinator. As of that month, there had been no significant economic or physical damage to India related to cyber attacks.

References - Wikipedia [Case Study]