The digital spark has been lit in India and the country is headed for an exponential growth in eGovernance initiatives.
While the Centre is proudly showcasing it’s big ticket ventures such as Digital India and Smart Cities, state after state is vying for credits by offering numerous citizen centric e-services. Undoubtedly the winner is the smartphone-happy Indian who has been saved the perils of standing in unending queues and greasing swollen palms. So where’s the catch ?
…the industry of Hackers is today at about One Trillion US dollars.
Dependence on Internet. The entire eGovernance platform is based on the Internet, a web whose Root Zone (Domain Name) Servers are managed by 13 authorities belonging to US Government/private sector and some US universities.
As recently as last week, Telecom Minister Prasad pitched for a ‘multi stakeholder’ model for governance of the internet. Something is expected to emerge by 30 September this year. However service delivery by many departments has already commenced and a large amount of government held and personal data is now ‘exposed’ to inimical agencies which would be working overtime collecting the relevant information for obtaining intelligence as well as identifying the weaknesses for exploiting at an opportune moment later.
Worth noting that the industry of Hackers is today at about One Trillion US dollars.
With the easy availability of sophisticated tools available to the hackers, now it is not if you have been hacked or not- it is whether you know it or not! It also seems that the lessons of agencies such as the defence forces have not been learnt, wherein there was an initial proliferation of computer presentations at all levels till some classified plans were discovered on the other side ! Only now have these agencies resorted to strict security policies and clamped down on defaulters.
In absence of clear cut guidelines, most organisations have adopted their own standards of security and audits.
Whither National Policy? Is the IT Act 2000 followed by it’s 2008 amendment and the 2013 National Cyber Policy adequate? Section 70 of IT Act defines, “Critical Information Infrastructure (CII)” as the computer resource, the incapacitation or destruction of which, shall have debilitating impact on national security, economy, public health or safety.
Power, Water, Health are some services being provided by the private sector also and thus in the Cyber world we cannot differentiate between the Government and the Private sectors.
However our organisations are still not clear if breaches of cyber security are to be reported to the National Critical Information Infrastructure Protection Centre (NCIIPC) or Cert-in or the local police station or a dedicated cyber police station. In absence of clear cut guidelines, most organisations have adopted their own standards of security and audits.
While the creation of a National Cyber Security Coordinator in National Security Council Secretariate is a welcome step, a policy in tune with the fast changing times is awaited. We fear the day when the futuristic Internet of Things proliferates and pacemakers, driverless cars, robots and planes start getting hacked! The present policy appears to be Play Now and Pay (with security) Later.
…a majority of smart phone users are utilising various services without any basic antivirus software in their mobiles.
Cyber Security Awareness? For driving cars on the highways we need a license and are fully alert to avoid an accident, but for surfing the information highway most users are unaware as to how to protect themselves. Cyber security ranges from endpoint security to networks to data centres and it is a specialised field.
However training at different levels is available and while the IT specialist may hold the fancy degrees the user is mostly unaware, till it is too late.
In fact a majority of smart phone users are utilising various services without any basic antivirus software in their mobiles.
Till a few decades ago, National Security only implied defending a nations borders. However today it includes ensuring security of Food, Water, Energy, Environment, Economy etc.
Digital India has now facilitated putting this entire security infrastructure on a digital platter in front of inimical forces, not necessarily having contiguous physical borders. It may be wiser to Pay (for security) Now and Play Later.
Please wait...
Hi Sir,
Excellent article. As you said here awareness of being secure must be reached to everyone and more programs and campaigns must be started to improve the awareness. Thanks for sharing this extremely informative article.
high time we all paid heed to the cyber security requirements. More awareness programs should be conducted for the general awareness on security issues before it is too late.
Many of the critical infrastructure components are completely dependent on communication systems to perform their missions. Even after six decades of Independence, India is still not able to manufacture a single mobile device or even our own Operating System (OS). According to Global Innovation Index 2015, India stands at staggering 66th rank where as Switzerland; just the size of an Indian state tops the list. Ironically India alone produces engineering graduates (per year) close to the entire population of Switzerland. Yet, instead of contributing for the establishment of indigenous mobile manufacturing units many of the scientific gurus and political pundits say that manufacturing the devices on our own is ‘time consuming’ and at the same time inviting foreign companies to manufacture in India and exploit its resources and huge population base. At what cost are we inviting them to exploit our resources?
When USA found itself under surveillance attack by the Israeli companies they learning from their mistakes took steps to strengthen their security laws thereby reviewing those company contracts after the incident. Ironically, these same Israeli companies under investigations by the US agencies are being welcomed with open arms by the Indian government. The Indian government is planning to grant the communication infrastructure installations contract to these same companies under Digital India Smart Cities program.
Recently hackers had managed to “test-scan penetrate” over three lakh routers in the heart of the capital and expose India’s best-kept secret: that 95 per cent of them, in such critical departments as defence, finance, space and communications, were leaking and being exploited by rogue entities based in China, Ukraine, Malaysia and elsewhere.
Read here for the key establishments in New Delhi whose leaky routers hackers have plugged into-and the location of the rouge servers: http://greatgameindia.com/digital-india-in-the-age-of-information-warfare/
Very crisp and informative article. Kudos to the author. I personally feel that we are erecting roof of a huge palace, the e-governance, without preparing the foundation. The idea of E-governance is excellence, but we have to strengthen the governance first at the grass root level.