#GS 03 Cyber Security

  • The delicate underbelly of our fast expanding digital networks has been exposed over the past few weeks. The All India Institute of Medical Sciences, India’s premier institution, was the target of the first ransomware attack (AIIMS). Almost 40 million health records were compromised when the systems eventually went online more than two weeks later.
  • Soon after, the parent firm of Solar Industries Ltd, one of the Ministry of Defence’s suppliers of ammunition and explosives, was broken into by the ransomware group BlackCat, and more than 2 Terabyte of data were taken.

Increasing susceptibility:

  • Nowadays, ransomware plays a significant role in the bulk of harmful attacks. In this instance, the criminals demand massive sums of money in exchange for disclosing sensitive information. Data shows that over 75% of Indian organisations have experienced similar attacks, with each breach costing an average of 35 crore. Cybercrimes are expected to have cost the global economy $8 trillion in losses by 2023.
  • There are further malware types that can harm any type of computer system. As the barrier between the physical and digital worlds is rapidly blurring, every important infrastructure, such as banking, power, and transportation, is becoming more and more susceptible to attacks from competing states and non-state actors.
  • Malicious software, commonly known as malware, is any application or file created specifically with the goal of causing damage to a server, network, or computer. Spyware, ransomware, Trojan horses, computer viruses, and worms are all examples of malware.
  • Ransomware is a class of malware from cryptovirology that threatens to divulge the victim’s private information or to limit access to it permanently unless a ransom is paid.
  • A set of rules for businesses to follow when connected to the internet was released in 2022 by the Indian Computer Emergency Response Team (CERT-In). The need to report cyberattack occurrences as soon as they are discovered and the designation of a pointsperson with domain competence to communicate with CERT-In were among them.
  • The Indian Government’s Ministry of Electronics and Information Technology houses the Indian Computer Emergency Response Team (CERT-IN or ICERT). It acts as the main management hub for risks to cyber security, such as phishing and hacking. It strengthens the Indian Internet domain’s security-related defence.
  • The Digital Personal Data Protection (DPDP) Law 2022, which is now in draught form, stipulates that data breaches might result in fines of up to 500 crore rupees. The Indian armed services have established the Defense Cyber Agency (DCyA), which is designed for both offensive and defensive actions. Each state in India has its own distinct cyber command and control centre.
  • Yet, the majority of organisations do not have the requisite resources to identify cyberattacks. India also has a serious shortage of cybersecurity experts. In contrast to the 1.2 million workers in the United States, India is anticipated to employ only about 3,000 people overall in this industry.
  • With the introduction of 5G and quantum computing, the potential for digital security breaches and the potency of hazardous infections will only grow. Keeping a watch on these developments would be beneficial for India’s cybersecurity policies.

In order to comprehend the world, one must:

  • International cooperation is essential to maintaining the security of our digital environment because the great majority of cyberattacks come from outside of our national borders. It would also be a cause that has a wide appeal.
  • With the United States, the European Union, South Korea, Russia, and other nations, India has previously approved cybersecurity accords. Even in global frameworks like the Quad and the I2U2, there are initiatives to promote collaboration in cyber event response, technological collaboration, capacity building, and the improvement of cyber resilience (of which India is a member).
  • The UNGA has already created two procedures to deal with security concerns related to information and communication technologies (ICTs):
  • The Open-ended Working Group (OEWG), which Russia founded by a UN resolution, is made up of all member states.
  • The United States requested the Group of Governmental Experts (GGE), a group of 25 nations covering all the key areas, in a resolution that was passed.
  • Among India’s most significant strategic allies, the two rival permanent members of the UN Security Council have drastically different views on a range of issues relating to the Internet, including openness, restrictions on data flow, and digital sovereignty.
  • Nonetheless, based on acceptance, member states have determined that the two resolutions are complementary rather than conflicting. Given the unpredictable global environment of today, these UN organisations will have a tough time holding productive meetings.


  • There will be presence from all the main international powers at the G-20 summit this year in India, which presents an opportunity to improve global cyber security. India can try to establish a set of fundamental cybersecurity standards that are accepted worldwide.