What is Cybersecurity?
Definition: Cybersecurity is the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks. It is also known as information technology security or electronic information security. Cyber Security is protecting our cyberspace and its infrastructure from attack, damage, misuse, and economic espionage.
Types of Cyber Crimes:
Some types of Cyber crimes are enlisted below-
- Malware: Malware is used to describe malicious software, including spyware, ransomware, and viruses. It usually breaches networks through a vulnerability, like clicking on suspicious email links or installing a risky application.
- Phishing: Phishing is the practice of sending malicious communications (usually emails) designed to appear from reputable, well-known sources. These emails use the same names, logos, wording, etc., as a CEO or company to dull suspicions and get victims to click to harmful links.
- Fraud and Identity Theft: Fraud is the theft of funds by an attacker pretending to be the owner of an account, or using stolen cards or credentials. Identity theft is a related concept and involves compromising a user’s online accounts to enable an attacker to perform actions in their name.
- Browser Hijacking: Attacks like cross-site scripting can cause malicious code to run in a user’s browser. This can result in session hijacking, drive-by downloads and other illicit activity carried out in the user’s browser without their consent.
- Email bombing and spamming: Email bombing is characterized by an abuser sending huge volumes of email to a target address resulting in the victim’s email account or mail servers crashing. The message is meaningless and excessively long in order to consume network resources. If multiple accounts of a mail server are targeted, it may have a denial-of-service impact. Such mail arriving frequently in your inbox can be easily detected by the spam filters.
Also read about the future of cryptocurrency in India
History of Legal Framework for Cybersecurity Laws in India:
- Authorities have been constituted to regulate compliance and enforce penalties for non-compliance under the Information Technology Act 2000 and the Information Technology (Amendment) Act 2008.
- In 2013, the government drafted a National Cybersecurity Policy which was developed to build secure and resilient cyberspace for India’s citizens and businesses. The Ministry of Electronics and Information Technology said that the policy aims to protect information and the information infrastructure in cyberspace, build capabilities to prevent and respond to cyber threats, reduce vulnerabilities and minimize damage from cyber incidents through a combination of institutional structures, people, processes, technology, and cooperation.
- The National Technical Research Organisation is the main agency designed to protect national critical infrastructure and to handle all the cybersecurity incidents in critical sectors of the country.
- The Indian Computer Emergency Response Team (CERT-In) is responsible for incident responses including analysis, forecasts, and alerts on cybersecurity issues and breaches.
- The Ministry of Home Affairs is implementing the ‘Cyber-Crime Prevention against Women & Children’ Scheme with the intent to prevent and reduce cyber crimes against women and children.
Need for Stricter Cybersecurity Laws in India:
- India ranks 2nd in terms of the highest number of internet users in the world after China, the number has grown tremendously in 2019-2020.
- India secures a spot amongst the top 10 spam-sending countries in the world alongside USA.
- India’s digital economy comprises of 14-15% of its total economy and is expected to rise up to 20% by 2024. Thus, cybersecurity laws in India need to be upgraded.
- India is the most cyber-attacked country in the world, revealed the National Cyber Security (NCS) coordinator.
- Cybersecurity in India may have jumped by as much as 500% since the lockdown, according to cybersecurity experts.
Many countries around the globe are resorting to digital warfare and hackers are targeting business organizations and government processes. Amidst this, we need enhanced cybersecurity laws in India to keep a check on cyber vulnerabilities and cyber responses. Thus, there is a need for upgraded cybersecurity laws in India. Given the future of technology under Industrial Revolution 4.0, India requires a strong cybersecurity framework based on the 4D principles i.e. Deter, Detect, Destroy and Document so that it can sub verse all attempts towards any cyber challenges.
Government has recently called for comments on the newest NATIONAL CYBER SECURITY STRATEGY 2020 (NCSS 2020).
This article is written by Mahima Rathod and edited by Rupreet Kaur Dhariwal.