India has seen a major escalation from cyber attacks by foreign companies and government agencies have not denied the involvement of foreign hands aimed at disrupting India’s strong growth following the closure of Covid-19 worldwide.
Sanjeev Singh of The Times of India spoke to Pavan Duggal, a cyberlaw expert and Advocate, the Supreme Court of India on how India should focus on a strong legal framework aimed at cyber attacks that will escalate in the coming years.
Q1: The Maharashtra Institute and Government appear to have differing views on the reasons for the 2020 funding in Mumbai. Your thoughts?
A1: If a cyber security company outside India is looking forward to the upcoming traffic and is targeting India’s key data infrastructure. It reviews the Indian government and comes up with a report. Then the report needs to be viewed in a holistic and objective way.
There is no denying that India has been the victim of cyber attacks by government and non-government actors. The reason is that India is lagging behind in economic growth and recovery. This growth did not appeal to many government and non-government actors. Trying to capture India’s progress seems like a logical agreement.
The issue of cyber attacks targeting India’s sensitive data infrastructure should be a sensible priority. To say that India is completely safe, and that we will never be attacked, is an understatement. We are being attacked on 24/7 and we need to have a sensible way to deal with this. To date, India has only embraced the use of lips in cyber security. Here, too, there are two distinct processes of thinking between the various clergy.
Q2: End of Mumbai was immediately fixed. Is there reason to be concerned?
A2: Luckily for us, Mumbai’s departure was only a few hours away and things were back. What would have happened if the power outage had gone another 15-16 hours? What would happen if the Ukrainian model of cyber attacks was repeated in India? Ukraine’s power grid was targeted directly by Russian hackers in 2015. Large parts of Ukraine were completely dark. We still do not know what kind of audit work the energy company did.
Later, they found that most of the hijackers were still sitting inside, quietly watching the proceedings. It is very important for us to be aware of this world reality. Let us take a brief look at what is presented in this report is not true. But nothing can stop us from reviewing this situation.
Q3: How did the cyber attack on Covid-19 affect you?
A3: Cyber attacks have become commonplace for the past few years. But the advent of Covid-19 has ushered in a golden age of cyber crime. We have never seen this type of cyber-crime activity in this time and age. It is only natural to expect that such an attack will lead to further casualties. They point to the country’s most sensitive information infrastructure such as electricity, energy, banks, insurance, government networks and health care. Two main objectives are electricity grids and health-related services.
Q4: How do these cyber attackers work?
A4: The modus operandi is clear. Attackers work with a black net most of the time. This helps them to hide their technical steps. Even if law enforcement officials try to investigate, they may not be able to do so. They are very good at completing their electronic steps. This makes it difficult to place this attack on a particular cyber character.
These groups focus on identifying those goals that do not have a legal framework or adequate attention that do not exist. They focus on violating dangerous intentions. Unfortunately, India has many flaws in government systems including in critical data structure.
Q5: Can we expect more attacks in the future?
A5: I expect more attacks to come. We will be very focused. We should focus on using this ahead of time. We need to have the right approach and also visit cyber security infrastructure. Countries like China miles ahead of us have three national cyber security laws. India is still drowning in a state of history. We still haven’t come up with a dedicated law to protect online communication. The Indian IT Act 2000 is not enough to address cyber security challenges. India needs a legal framework that makes it easier.
We need to differentiate participants with the appropriate responsibility for protecting and maintaining cyber security. A large part of the sensitive data infrastructure is in the hands of the public and private sectors. We will have to have a working model for cyber security. We need to create more awareness about cyber security.
A6: Does India have enough legal framework to deal with cyber attacks?
A6: We were very easy on cyber security. We have had a data breach notification authorizing all companies to report all these violations from January 2017. No one is overreacting to cyber security breaches in the government. In February 2021, the government implemented the guidelines for IT intermediaries and digital code of conduct. They have announced the specific requirements for all mediators to authorize all cyber security incidents. I hope things will change. Right now, it’s a very relaxed atmosphere. Somehow the Indians did well in the idea of jugad management school. What they don’t realize is that the electronic ecosystem doesn’t give them a second chance.