Cybercrime went up by 500% during Pandemic

In News

• Chief of Defence Staff (CDS) General Bipin Rawat has stressed the need for a national framework to thwart cyber attacks that have been on the rise in the country. 

About

• Kerala Police: He was delivering the inaugural address of the 14th edition of c0c0n, the annual cyber security and hacking conference.
  • The conference is being organised by Kerala Police in association with two non-profit organisations, the Society for the Policing of Cyberspace (POLCYB) and the Information Security Research Association (ISRA).
• Aim: The conference aims to discuss at the international level the challenges facing the digital world during the COVID period and the solutions needed to overcome them.

What is Cybercrime?

• Cybercrime has been defined under the IT act as an unlawful act committed with the use of computers as a tool or for targeting it.
• It is taking place of unauthorized access to a computer system without the knowledge or permission of the actual owner.
• The most common and trending cybercrimes taking place widely are phishing, spoofing, DoS (Denial of Service) attack, credit card fraud, online transaction fraud, cyber defamation, child pornography, etc.

What is the need for such a law?

• Need of a data protection law: While a National Cybersecurity Strategy is in the offing, the country is also in dire need of a data protection law, with cybercriminals increasingly weaponising data as a tool against national security in the post-pandemic era.
  • There is a delay in passing the Personal Data Protection Bill that had been tabled in Parliament two years ago.
• Information Technology Act, 2000: which dealt with cybersecurity and cybercrimes is not equipped to consider new-age changes in the mode of functioning of businesses and modus operandi of crimes in cyberspace.

Issues/challenges

• Rise of digital payments: With data gradually transcending into the open domain with numerous firms permitting employees to work from their homes amid the pandemic, sensitive information has become susceptible to security vulnerabilities.
• Emerging new threats: We need to consider the emerging threats from new technologies such as drones, ransomware, Internet of Things (IoT) devices and also the role of nation-states in such cyber attacks.
• Dependence on technology: The lockdown, which witnessed a deeper adoption of interconnected devices and hybrid work environments, has increased our dependence on technology. This renders us digitally more vulnerable than ever before.
• Government officials becoming the target: Highlighting the possibility of government officials who deal with sensitive information becoming prime targets for cyber attacks.
• Threat to national security: Data is the new goldmine for any organisation, especially for the bad elements that lurk in the dark web. With cybercriminals and inimical actors increasingly using the information to threaten national security, the matter is of serious concern.
• Hacking: This action is penetrating into someone’s system in an unauthorized fashion to steal or destroy data, which has grown hundreds of folds in the past few years. The availability of information online makes it easier for even non-technical people to perform hacking.
• Phishing: The easiest to execute and can produce the results with very little effort. It is the act of sending out Fake emails, text messages and creating websites to look like they’re from authentic companies. 

Government initiatives to mitigate cyber security incidents

• National Critical Information Infrastructure Protection Centre: Establishment of National Critical Information Infrastructure Protection Centre (NCIIPC) for protection of critical information infrastructure in the country.
• CERT-In: All organizations providing digital services have been mandated to report cyber security incidents to CERT-In expeditiously.
• Cyber Swachhta Kendra: has been launched for providing detection of malicious programmes and free tools to remove such programmes.
• Guidelines for Chief Information Security Officers (CISOs): regarding their key roles and responsibilities for securing applications/infrastructure and compliance.
• Audit: Provision for audit of the government websites and applications prior to their hosting, and thereafter at regular intervals.
• Crisis Management Plan: Formulation of Crisis Management Plan for countering cyber attacks and cyber-terrorism.
• Conducting cyber security mock drills and exercises: to enable assessment of cyber security posture and preparedness of organizations in Government and critical sectors. 

Way forward/ Suggestions

• Increasing the efficiency of law enforcement agencies: Cyberlaw agencies should work efficiently by abiding by law enforcement agencies and IT security organizations.
• Develop new skills and opportunities: These industries should come together to develop new skills and opportunities. People should always take precautions by using a strong combination of passwords for every other account and try to keep their information and pictures private on social media accounts by ensuring security settings.
• Protect your data: Protect your data by using encryption for your most sensitive files such as financial records and tax returns.
• Protect your identity online: When it comes to protecting your identity online it is better to be too cautious than not cautious enough. It is critical that you be cautious when giving out personal IDs such as your name, address, phone number and/or financial information on the Internet.

Source: TH