The recent cyber security breaches of websites of several Indian missions abroad and Twitter accounts, stealing of health data, and compromise of bank accounts have raised the red flag for more up-to-date comprehensive and proactive policies on countering these attacks in India, writes Priyanka Bhardwaj. – @Siliconeer #Siliconeer #narendramodi @namo #namo #India #GovtofIndia #DigitalIndia #LegionGroup @legion_group #Twitter #RahulGandhi #IndianNationalCongress #BarkhaDutt #NDTV #VijayMallya #OfficeofRG #RavishKumar
A group of anonymous hackers going by the name of “Legion” that claims to be working out of India gained limelight when they hacked into Twitter accounts of Rahul Gandhi, the Indian National Congress, liquor baron Vijay Mallya, journalists Barkha Dutt and Ravish Kumar, and NDTV, a significant news channel, besides dumping email addresses and passwords of nearly 75,000 chartered accountants @legion_group.
The collective scaled in notoriety when it threatened to hack the Indian Parliament website sansad.nic.in and even slighted the Delhi Police for focusing in chasing the group rather than coming up with “better passwords” for their servers.
Till now their strategy has been to hack, make classified information public and then move on to fresh targets with the help of the mined data.
In a bid to garner public support the group also tweeted, “Support Legion. We will bring you the info needed to bring these criminals to justice.”
These hackers also exhort people to expose corrupt persons by leaking their details to Legion through an email id hosted on SIGAINT.
Strangely the Delhi police probing the hacking of Rahul Gandhi’s Twitter handle have not been able to arrive at a definite conclusion on this group while Raheel Khursheed, looking after policy for Twitter India, has categorically denied detecting any hacking attempts on accounts.
So far all that can be said of the hackers is that they are more than an average savvy bunch which employs more advanced techniques, and use TOR and other proxies to remain untraceable, though not in the league of state spy agency of the U.S.
Albeit no physical or online danger has resulted, this entire episode has exposed serious vulnerabilities and flaws in the entire security chain, and made the prospect of a state sponsored cyber attack with devastating implications even more real and hugely worrisome.
As India gears to embark on the “Digital India” program it is therefore imperative that critical data hosted in various websites of ministries, departments and public-sector firms as well as people-facing web interfaces for various government-to-citizen services needs to be safeguarded.
The Ministry of Electronics & IT (MeitY) has announced steps to audit, review and handle security walls of all government websites.
A closed group under Secretary of MeitY, Aruna Sundarajan is studying the Information Technology Act (2000) to explore incorporating amendments in its architecture and thus revamp laws governing counter cybercrime.
Further email service providers Google and Yahoo, and social networking platforms Facebook and Twitter have also been directed to reinforce their security systems and report any breaches to the Central Emergency Response Team (CERT-in).
The government has also constituted a separate digital payments division under CERT-In to monitor and strengthen the digital payment infrastructure 24×7 and aims to launch the BotNet Center and the National Cyber Coordination Center to regulate increasing cyber crimes.
Then there is an effort to separate security and IT capabilities to be presided over by chief information security officers in all government set ups.
Yet policy experts are far from satisfied with the government’s efforts as they unanimously feel even a time lapse of six months means an “eternity” in this sector which in their understanding is plagued by a lack of an agile and responsive law, investment and trained personnel.
A 2015 report by the pan India industrial body, ASSOCHAM, revealed that cybercrime incidents have shot up drastically from 13,301 in 2011 to 300,000 in 2015.
It also stated that about 72% of financial services and insurance companies surveyed owned up to being attacked by ‘cyberdacoits’ in 2015.
Lending support to the premise that counter cyber attack measures are far from adequate a KPMG survey of the same year reveals 17% of cyber attacks were undertaken by internal perpetrators and 56% by a nexus of internal and external perpetrators.
Even in the recent demonetization of high value currency a number of bank officials and employees of the Reserve Bank of India were caught for fraud.
Going by the negligible number of disclosures and almost nil prosecutions, hackers are rather emboldened in the current context.
Reports by Kaspersky Lab and Akamai suggest that India ranks first among other nations in ransomware attacks and is among the top countries where web applications are targeted the most.
This leads one to doubt the efficacy of the mandatory cyber security requirements imposed by the Reserve Bank of India and Stock Exchange of India on banks and stock exchanges in 2015.
Similarly the country’s power grid, automated manufacturing, nuclear plants, railway signaling and air-traffic control too are weak in their counter cyber attack preparedness.
To start with the inadequacies of the National Critical Information Infrastructure Protection Center and CERT-in in terms of sector specific threat intelligence collection, remediation, trend forecasting and warning of relevant entities along with actionable intelligence have to be addressed to the role of a proactive stance from their firefighting one.
Thereafter and soon enough a completely operational cyber security command at par with the global players has to be put into place.