Cyber Security: India


    What is Cyber Security?

    Cyber Security is an action of securing cyberspace that includes servers, mobile devices, computers, electronic systems, networking systems, and the data in them from malicious activities like hacking, data breach, etc. It is also called ‘information technology security’ or ‘electronic information security’. The term ‘Cyber Security’ applies in various contexts from large scale business to mobile computing.

    The security offered in cyberspace are classified into a few common categories:

    Network security
    It is a practice of protecting a computer network from intruders whether targeted attackers or opportunistic malware.

    Information security
    An act of protecting the integrity and privacy of data, both in storage and transit.

    Application security
    It focuses on maintaining software and devices free from threats. Any compromised application could provide access to the data for which the application is designed. Well before a program or device is deployed, security will successfully begin in its design stage.

    Operational security
    This process of security includes the decisions for handling and protecting data assets. User permissions to have access to a network and the determining procedures of how and where data may be stored or shared falls under the roof of operational security.

    Disaster recovery and business restoration
    The situation defines how an organization responds to a cyber-security intrusion or any event that causes loss of operations or data. The disaster recovery policies enable the organization to restore its operations and information to return to the same operating capacity as before the event. Without certain resources, any organization falls back to operate and continue or restore business.


    End-user education

    It addresses the most unpredictable cyber-security factor. Anyone can accidentally introduce a virus to the security system by failing to follow good security practices. Hence, users must be taught to delete suspicious email attachments, not to plug in unidentified USB drives and various other vital lessons for the security of any organization.

    What are the types of Cyberthreats?

    The threats faced by cyber-security are three-fold:

    1. Cybercrime
    This action includes single or groups, targeting systems to disrupt functioning or for financial gain.

    2. Cyber terrorism
    This action is intended to undermine electronic systems to cause panic or fear.

    3. Cyber-attack
    This action involves the gathering of politically motivated information.

    What is ‘Malware’?

    Malware is malicious software created by a cybercriminal or hacker to disrupt or destroy a legitimate user’s network or computer. It is often spread through an unsolicited email attachment or as a legitimate-looking download. This malware is used by cybercriminals to make money or in case of politically motivated cyber-attacks.
    The different types of malware include:

    It is a self-replicating program that attaches to clean files and spreads throughout a computer system, infecting all the data with the malicious code.
    It is a program that secretly records the activities of a user so that the cybercriminals can make use of the information that may be confidential. For example, the spyware can access the credit/debit card details.
    This is a type of malware that is disguised as legitimate software. Users are tricked by cybercriminals by uploading Trojans onto their computers where they can cause damage or collect data.
    It is malware that locks down user’s files and data accompanying the threat of erasing them unless a ransom is paid.
    These are the networks of malware infects computers used by cybercriminals to perform tasks online without the user’s permission.
    It is advertising software that can be used to spread malware.

    How good is India in Cyber Security?

    India is moving towards digitalization and hence the security in Cyber Space is to be under constant surveillance. There will be a boom in cyber-attacks and to counter them, there has to increase the number of cybersecurity professionals.
    The Cybersecurity Policy of 2013 is open and technology-neutral but requires a technology upgrade. In total India’s economy, 14-15% is comprised of the digital economy and has a targeted reach to 20% by 2024. The Indian private sector has started playing a significant role in the power, transportation, and healthcare sectors. So, it will be necessary to undertake a thorough risk and gap assessment of current cyber resilience in various economic sectors of the country. With the increase in cyber-attacks, there is 98% cybersecurity in India.

    What is the scope of Cyber Security jobs in India?

    India has been the second most cyber-attack affected country, according to the Data Security Council of India (DSCI). Hence, cybersecurity has emerged as an issue of vital importance for everyone as governments, businesses and individuals are under constant attack and these attacks steal a large amount of money, in the form of personal and business data.

    Cybersecurity jobs now account for 13% of all information technology jobs across the world. The work-from-home scenario with the COVID-19 onset has further augmented the need for a robust cybersecurity solution for ensuring business continuity.
    There are around 50,000 job openings in the field of Cybersecurity with the major distribution of jobs across Mumbai, Pune, Bangalore, Chennai, Kolkata, Delhi, and Hyderabad with Bangalore being the highest contributor. The demand for cyber experts has gone up substantially due to COVID-19 but the talent pool to address this exponential demand is still low. India has a much higher percentage of cybersecurity professionals compared to the western world but the demand for making it a good opportunity is far less to explore for job aspirants.

    Major Cyberattacks in India

    Advanced cyber-attack techniques have been adopted by cyber-criminals for their targeted end-users. Numerous business sectors have faced recent cyber-attack in India. Top 5 cyber-attacks in India in recent times are:

    1. Cyber-attack on Cosmos Bank in Pune

    This is a recent attack in 2018 that shook the whole banking sector of India when hackers siphoned off Rs.92.42 crore from the Cosmos Cooperative Bank Ltd. In Pune. Bank’s ATM server was hacked by hackers and they took the details of many visas and rupee debit cardholders. Money was completely wiped off by them (hacker gangs from 28 countries) and they withdrew the amount as soon as they were informed.

    2. UIDAI Aadhaar Software Hack

    A massive data breach of personal records of 1.1 billion Indian Aadhaar cardholders happened in 2018. The data leak included Aadhaar, PAN and mobile numbers, bank account numbers, IFSC codes, and almost every card holder’s personal information. If it wasn’t enough astonishing, anonymous sellers were able to sell Aadhaar information of any person for Rs. 500 over Whatsapp and one could get any person’s card printout by paying an extra amount of Rs.300.

    3. ATM System Hack

    Canara Bank ATM servers were targeted in this cyber-attack around mid-2018. According to the sources, a count of 50 victims was estimated with almost 20 lakh rupees wiped-off from various bank accounts. The hackers used skimming devices to steal information from debit cardholders.

    4. Hack on Indian Healthcare Websites

    Recently in 2019, Indian-base healthcare websites became a victim of cyber-attack. Hackers broke into one of India’s leading healthcare websites and stole about 68 lakh records of patients and doctors.

    5. SIM swap scam

    Two hackers from Mumbai illegally transferred 4 crore rupees from numerous bank accounts of many individuals. They did so by fraudulently gaining SIM card information and blocked the Sim cards of individuals and with the help of fake document posts, they carried out transactions through online banking.


    End-user protection

    A crucial point of security is primarily end-user protection or endpoint security because it is, after all, an individual (the end-user) who accidentally injects or uploads a malware or other forms of cyber threat into their desktop, laptop or mobile device.
    So, how the cyber-security enables protection is, it relies on cryptographic protocols to encrypt emails, files, and other important critical data. It not only protects the data in transit but also guards against any loss or theft. Besides, end-user security software scans a computer for any pieces of malicious code if present, and removes it from the machine.

    The security programs continue to evolve as defending forces as the cyber-security professionals identify new threats and new ways to combat them. Employees need to be educated about how to use, to make the most of the end-user security software by keeping it running and updating it frequently to ensure that it can protect users against the latest cyber threats.

    Cybersafety – Protection from cyberattacks

    • Safety tips to business and individual guards to protect against cyber threats:
    • Update software and operating system.
    • Use anti-virus software
    • Use strong passwords
    • Avoid using insecure WiFi networks in public places
    • Do not open email attachments from unknown senders
    • Do not click on links in the emails from unknown senders or unfamiliar websites.


    Please enter your comment!
    Please enter your name here