Computer security, cybersecurity or information technology security (IT security) is the protection of computer systems and networks from information disclosure, theft of or damage to their hardware, software, or electronic data, as well as from the disruption or misdirection of the services they provide.
The field is becoming increasingly significant due to the increased reliance on computer systems, the Internet and wireless network standards such as Bluetooth and Wi-Fi, and due to the growth of “smart” devices, including smartphones, televisions, and the various devices that constitute the “Internet of things”.
The government of India is taking many initiatives to enhance cybersecurity. With the rapid development of information technology, it is critical to provide a safe and secure cyberspace. The topic, ‘Cyber Security’ comes under GS-III syllabus of the IAS Exam. This article will provide you with relevant facts about cybersecurity.
|For similar articles be sure to visit the UPSC Science and Technology Notes page now!!
To complement your preparation for the Science and Technology segment of the UPSC Exams, check the following links:
What is Cyber?
The term, ‘Cyber’ is used in relation to the culture of computers, information technology, and virtual reality. The connection between internet ecosystems forms cyberspace. The threat to cyberspace leads to an issue and gives rise to the need for cybersecurity
Threats to Cyberspace:
- Interconnectedness of Sectors
- Increase in the number of exposure points
- Concentration of assets
As per the NITI Aayog report, the threats to cyberspace have increased dramatically over the last 10 years. The cyber attacks lead to the exposure of:
- Sensitive information
- Personal information and
- Business information
The need for Cyber Security
Cyber Security protects the cyberspace from the following:
- Cyber Attacks
- Damage to Cyberspace
- Misuse of Cyberspace
- Economic Espionage
Cyber Security – Evolution
With the introduction of cyberattacks, cybersecurity initiatives have evolved. They are mentioned in the table below:
|Evolution of Cyber Security|
|Issues||Cyber Security Initiatives|
|Worms (2000)||Intrusion Detection and Prevention|
|Botnets (2000s – Present)||DLP, Application-aware Firewalls, SIM|
|APT Insiders (Present)||Network Flow Analysis|
Cyber Threats and Cyber Security
There are types of cyber attacks that have evolved over a period of time:
- Virus – It is a malware that self-replicates and spreads by inserting copies of itself into other executable code or documents.
- Hacking Websites – An unauthorized access to any website belonging in a personal or professional space
- Malicious Codes – It is a kind of security threat where any code present in software tends to bring harmful effects, breach the security of the system, or bring damage to the system.
- Advanced Worm and Trojan – This is again a malware that camouflages as a regular software however once accessed, brings damage to the hard drive, background systems and corrupts allocation systems
- Identity Theft and Phishing – It is a cyber attack involving fraudulent emails posing as authorized entities in order to induce people to reveal their information (personal and professional.)
- DOS, DDOS – DOS stands for Denial-of-Service attack, and DDOS stands for Distributed Denial-of-Service attack. The attackers make the machine or network unavailable by disrupting services of the host network through the flood of superfluous requests to overload systems. And when such flooding of requests comes from various ends, it is termed as DDOS.
- Cyber Espionage – Usually when a government’s or important organization’s privacy is posed at risk due to illegal use of computer networks to seek confidential information.
- Cyber Warfare – Deliberately attacking the information systems through the use of computer technology to disrupt the state’s activities, especially for military purposes.
Cyber Attacks in India
The topmost causes of cyber attacks are:
- Phishing and Social Engineering
- Spear Phishing
- Denial of Service
- Out of Date Software Ransomware
The table below gives the list of cyberattacks that India has witnessed in the past:
|Cyber Attacks in India||Description of the Cyber Attacks
|Coronavirus Pandemic Based Cyber Attack||Microsoft has reported that cyber crooks are using Covid-19 situation in 2020 to defraud people through phishing and ransomware in India and the world|
|Phishing||Union Bank of India heist in July 2016|
|Wannacry Ransomware||In May 2017, various computer networks in India were locked down by the ransom-seeking hackers.|
|Data Theft||In May 2017, the food tech company Zomato faced the theft of information of 17 million users.|
|Petya Ransomware||Container handling functions at a terminal operated by the Danish firm AP Moller-Maersk at Mumbai’s Jawaharlal Nehru Port Trust got affected|
|Mirai Botnet||In September 2016, Mirai malware launched a DDoS attack on the website of a well-known security expert.|
Cyber Security – Who are the Cyber Attackers?
There are kinds of cyber players who harm cybersecurity:
- Cyber Criminals
- Cyber Terrorists
- Cyber Espionage
- Cyber Hacktivist
As per the Niti Ayog report, the following are the sets of the group behind the cybersecurity breaches
|Attacks in partnerships|
|Organized Criminal Groups|
Find the difference between Malware and Virus by visiting the linked article.
Cyber Security – Cyber Swachhta Kendra
It is the Botnet Cleaning and Malware Analysis Centre under the Indian Computer Emergency Response Team (CERT-In) under the Ministry of Electronics and Information Technology (MeitY). The aim of Cyber Swachhta Kendra is to promote awareness among Indian citizens to secure their data in computers, mobile phones, and other electronic devices.
Cyber Security – Indian Laws & Government Initiatives
There are various legislations that support cybersecurity in India. The table below mentions these:
|Laws related to Cyber Security in India||Important Facts|
|Information and Technology Act, 2000||
|Information Technology Amendment Act 2008 (ITAA)||The amendments in the IT Act mentioned:
|National Cyber Security Strategy 2020||Indian Government is coming up with the National Cyber Security Strategy 2020 entailing the provisions to secure cyberspace in India. The cabinet’s nod is pending and it will soon be out for the public.|
|Cyber Surakshit Bharat Initiative||MeitY in collaboration with National e-Governance Division (NeGD) came up with this initiative in 2018 to build a cyber-resilient IT set up|
Aspirants can also refer to important GS-III topics linked in the table below:
|National Cyber Security Policy||Department of Electronics and Information Technology|
|Indian Penal Code (IPC)||Artificial Intelligence (AI)|
Aspirants can become familiar with the general pattern of the IAS exam by visiting the IAS Syllabus page. For more preparation materials they can refer to the links given in the table below: