Security Watch: Interconnected sectors elevate want for strong cyber defence technique

Even as contradictory claims emerge from the Centre and the Maharashtra authorities over the involvement of Chinese actors within the Mumbai energy outage of October final 12 months, the allegations have put concentrate on the necessity for India to be higher ready to guard its essential infrastructure towards globally rising cyber-attack makes an attempt on key infrastructure. Cybersecurity consultants identified that that is significantly vital given the growing interconnectedness of sectors and proliferation of entry factors into the web, which might additional develop with the adaption of 5G.
A National Cyber Security Strategy is being formulated by the Office of National Cyber Security Coordinator on the National Security Council Secretariat. A method doc ready by an inter-ministerial activity drive involving representatives from totally different central authorities ministries and departments has now been forwarded to an Empowered Technology Group for session. Once the method is thru, the doc will likely be positioned earlier than the Cabinet Committee on Security for deliberations and approval.
Hackers concentrating on essential infrastructure just isn’t a brand new development however consultants imagine that propensity for harm is greater than ever, particularly with nations investing in cyber offensive capabilities. In 2015, in what was the primary recognized profitable cyber assault on an influence grid, hackers compromised techniques of three power distribution corporations in Ukraine thereby disrupting electrical energy provide.
“Critical infrastructure is getting digitised in a very fast way — this includes financial services, banks, power, manufacturing, nuclear power plants, etc. Because of these a lot of security issues arise. We just saw the SolarWinds hack, which impacted national critical infrastructure in the US. Most countries are not prepared for combating the sophistication of attacks that are happening,” Saket Modi, co-founder & CEO of cybersecurity agency Safe Security advised The Indian Express.
“A lot of countries have started taking advantage of this. They’re spending unprecedented amount of money and are building armies. Israel is a good example, they say that there is a fourth unit in the defence system, which is for defence and offence. Most countries though are not prepared, India not being an exception but there is a need for high level of preparedness because an attack can have a great impact on the economy, safety, etc,” Modi added.
For the Mumbai incident, whereas the Centre has denied that the outage was a results of cyber assault by Chinese group Red Echo, the Maharashtra authorities — citing an evaluation of Maharashtra Cyber Police’s report by Maharashtra State Electricity Board’s (MSEB) Supervisory Control and Data Acquisition system — mentioned “there is some evidence to point at probable cyber sabotage on MSEB servers”.
In addition to the Mumbai incident, Chinese actors are additionally mentioned to be concerned within the assault on IT techniques of vaccine makers Serum Institute of India and Bharat Biotech.
There have been 6.97 lakh cyber safety incidents reported within the first eight months of 2020, almost equal to the earlier 4 years mixed, in keeping with data reported to and tracked by Indian Computer Emergency Response Team (CERT-In), suggesting a surge in cyber incidents. The surge in quantity is perceptive since 2018 – 2.08 lakh reported incidents – and three.94 incidents reported in 2019. In 2017, the quantity was 53,117 and 50,362 in 2016.
Consequently, there may be additionally a necessity for an up to date cybersecurity coverage within the nation, which the Ministry of Electronics & Information Technology is predicted to return out with quickly. The present cybersecurity framework put out by the federal government dates again to 2013. “It is important for the corporates or the respective government departments to find the gaps in their organisations and address those gaps with the help of next generation security solutions. It is essential that there is a layered security system, wherein security threat intelligence sharing is happening between different layers,” mentioned Sunil Sharma, managing director – gross sales (India & SAARC), at cybersecurity agency Sophos.