Cyber security and defence against cyber warfare assume greater significance due to rapidly increasing risks, vulnerabilities, threats, cyber crimes and fraud.

Recently, the US Defense Advanced Research Projects Agency organised a cyber grand challenge competition to assess its defence readiness. Seven automated security systems battled against each other at Las Vegas in a 96-round hacking game named ‘Capture The Flag’. The US Defense Department’s R&D arm arranged a robotics challenge to navigate intelligently in a threat-infested internet domain and to identify risks and re-mediate software vulnerabilities.

Teams were provided with servers to execute defensive tasks when systems were aggressively attacked with ‘new code filled with bugs, security holes, and inefficiencies’ and deadly bugs. The objective of the game was not only to safeguard own data but also to access others’ data.

The Capture The Flag competition provided an insight to futuristic cyber security concerns when supercomputers are going to be increasingly deployed for hacking in a real-world environment. The systems had to compete continuously for protecting patching themselves while detecting intrusions, and to ‘reverse-engineer’ exploits within fraction of a second.

Cyber terrorism changing The competition is a precursor to the emerging real-world cyber warfare. Critical infrastructure in many countries will soon be susceptible to cyber terrorism. Cross-networking of personal data devices, electronic health records, medical devices and hospital networks will create new opportunities for data theft, source code manipulation, and undetected access to target networks. The Internet of Things is adding a new dimension to the security landscape.

Connecting devices into the electric grid, autonomous vehicles, and household appliances will bring added efficiency, energy conservation, and convenience, but will be exposed to new threats. Cyber security professionals must be prepared for the new challenges for identification, surveillance, monitoring, location tracking, targeting for recruitment, access to networks and stealing user credentials.

Artificial Intelligence (AI) systems, ‘Narrow AI’ systems, and ‘General AI’ systems also pose increased vulnerability to autonomous decision-making. Hackers are found using false data and unanticipated algorithm to create stock market fluctuations.

Dependence on AI systems for civilian industries and national security can damage critical infrastructure.

Cyber criminals are no longer lone wolves. Organised hackvists are interested in bank frauds and stealing credit card data. According to the 2016 IBM X-Force Threat Intelligence Report organised crime groups aim at higher-value records like health-related personally identifiable information. Many large bank frauds were reported in Canada, Australia, the UK, France, Turkey and Japan besides the US. In 2015 attackers stole over $1 billion from more than 100 banks in about 30 countries including Russia, Japan and the US.

Besides, hackvists threatened to release stolen top secret government intelligence records in Canada.

Currently, state sponsored cyber terrorism, non-state terrorist groups, corporate and individual hackvists are engaged in different crimes, espionage, theft of patents, and other information assets. Nations such as Russia, China, Iran, North Korea are reported to use cyber capabilities as an effective geostrategic tool for espionage, propaganda attacks, to target critical infrastructure systems, for intelligence gathering, and to support political and military objectives. Russian cyber actors post disinformation on commercial websites. Chinese military uses cyber deception operations to conceal intentions.

Commercial vendors tend to aggregate sensitive digitised information about individuals and states and sell it to interested parties. Non-state terrorist groups deploy internet “to organise, recruit, spread propaganda, collect intelligence, raise funds, and coordinate operations”. ISIL actors are found targeting sensitive information about US military personnel to spur ‘lone-wolf’ attacks for theft, extortion, and drug trafficking. ‘Ransomware’ block user data access for extortion.

India’s requirement India’s existing cyber security policy of 2013 must be reviewed in the light of emerging cyber threats propagated by state sponsored international cyber terrorism, military espionage, corporate espionage and financial frauds by individual hackers and groups.

The nation needs a robust and credible cyber security policy and action plan.

India’s cyber security strategy must be able to protect multiple digital intrusions at all levels: military and corporate espionage, electronic attacks disrupting critical infrastructure, ICT and IoT systems and data privacy, integrity and security of its citizens. India needs to set up a national cyber security agency to develop appropriate policy, strategy and action plan, linking key ministries.

Dissemination of best security practices, intelligence sharing, intrusion reporting and effective coordination and partnership between private, corporate, government and international level organisations like the UN, the European Union and India’s allies as the situation demands will become indispensable.

There must be effective computer incident response capability, malware information sharing, and periodical mock drills and exercises. Signing of MoUs on cyber defence with allies and international organisations may become unavoidable as cyber threats defy state borders and organisational boundaries. Such technical arrangements may provide the framework for exchanging information and sharing best practices between emergency response teams.

Privacy issues Cyberspace is increasingly becoming a key domain besides air, sea and land warfare. National cyber security policy must be able to protect citizens’ data confidentiality, integrity and privacy, public safety, business and economic development and national security. The nation’s top strategic, business, and technical leadership, both from government and private must work in tandem bolstering partnerships between central, States, and the local governments. Adequate funding for ICT and IoT security is inevitable for strategic research and development. India must enhance its technological and investigative capabilities. Partnering with government and private agencies to share intelligence is vital.

A special task force must be engaged round the clock vigilance. Best practices must be adopted in competency building, technological solutions, business continuity plan, updating of operating systems, firmware and cyber forensics. Laws must be strengthened to deal with cyber terrorists.

The writer is former DG, CAG of India

Related Topics
comment COMMENT NOW