Cyber security in India is not upto the mark and as per the expectations. While the cyber attacks are becoming very targeted and highly sophisticated yet India has not made even the most basic efforts to secure its cyberspace. The cyber security trends and developments in India 2013 provided by Perry4Law and Perry4Law’s Techno Legal Base (PTLB) has also outlined many crucial issues (PDF) that are missing from Indian cyber security initiatives.
For instance, India has no cyber warfare policy. A dedicated cyber warfare policy of India (PDF) must be formulated as soon as possible. Similarly, the critical infrastructure protection in India and its problems, challenges and solutions (PDF) are still to be looked into with great priority. It is only now that India has declared that NTRO would protect the Critical ICT Infrastructures of India.
Similarly, a cyber command for Armed Forces of India was in pipeline for long. Now some progress in this regard has taken place. It has been reported that to counter various forms of cyber attacks, India would soon set up a tri-service cyber command. This development was long due but there was little progress in this regard.
The ministry of defence has a draft on the subject ready which the cabinet committee on security, headed by the prime minister, would be taking up for discussion in the days to come. A note for the cabinet committee on security has been prepared for setting up the tri-service cyber command.
Sources said the office of the chairman, chief of staff committee, has written a detailed note to defence minister AK Antony regarding setting up cyber command. Officials, privy to drafting the cabinet note, have explained that the need to have a cyber command has been felt for a long time, as the cyber security infrastructure of India is “weak”.
This is evident from recent incidents of cyber attacks on India. Last year, Chinese hackers broke into sensitive computer systems at the headquarters of the Eastern Naval Command in Visakhapatnam, where the indigenous nuclear submarine Arihant has been undergoing sea trials.
Recently, Defence Research and Development Organisation (DRDO) computer systems were breached and sensitive files were leaked. A top defence ministry officer admitted that India has delayed on the cyber security front. “Cyber command would ensure both offensive and defensive cyber security capabilities. Issues like cyber warfare, cyber espionage and cyber terrorism, etc. would be taken care of by a cyber command.
Prime Minister Manmohan Singh, while addressing the combined commanders conference in November, highlighted the need for developing capacities to counter what he described as “global surveillance operations”.
That NSA whistleblower Edward Snowden had allegedly collected information and intercepted communications in India has lent urgency to setting up a cyber command. As per a recent report, the US is the biggest buyer of malware in the world. Global cyber espionage networks are being actively used to spy on other countries. The command and control servers of malware FinFisher were also found in 36 countries, including India.