Other worrying concerns, according to official sources, relate to the fact that National Crime Records Bureau in the Union Ministry of Home Affairs is not maintaining records of cyber crimes and its disposal. Added to this, several States and Union Territories do not register at all cyber crime cases, as if, no such crimes take place there. Such States are Haryana, Bihar, Jammu and Kashmir,, Jharkhand, Meghalaya, Mizoram, Nagaland, Sikkim, and Tripura. The Union Territories where cyber crimes are not registered by the law enforcing agencies are Andaman & Nicobar Islands, Dadra & Nagar Haveli, Daman & Diu, Lakshadweep and Poducherry. According to the Department of IT, the data provided by the States and Union Territories do not seem to be realistic. It is a worrying point that attacks on the sites are not being reported properly or the system of reporting of such cases is not user friendly.
Besides, e-fraud is an emerging field of cyber crimes with more and more private persons and Government Departments having online transactions, making the scenario of e-fraud more challenging in the days to come.. As for e-fraud cases, Department of Financial Services in the Union Ministry of Finance, has reported online banking fraud worth Rs.590.49 lakh in 2009 and Central Bureau of Investigation (CBI) registered six cyber crime cases of frauds causing financial loss of Rs.2, 70,650 to the Government and private persons. It is learnt that at present there is no mechanism to insure against financial losses through e-fraud. The IT Department is studying e-fraud scenario internationally. It is also analyzing the mechanism to deal with e-fraud in other countries. The Department is also in the process of finding out the insurance mechanism against e-fraud in other countries so as to evolve some such mechanism in our country.
An inquiry in the Department of IT regarding measures taken amd being taken for strengthening cyber security in the country has revealed that Indian Computer Response Team (CERT-In) has empanelled 51 IT auditors across the country through a stringent mechanism. In addition, the IT Department has ordered all critical sectors and organizations to implement Information Security best practices as per ISO-27001 and audit the system mandatorily at least once a year. In this connection, the question arises whether such best security practices are being implemented effectively to check cyber threats in all critical sectors? There is also a question mark over adequacy of 51 IT auditors in such a large country.
Above all, there are practical constraints and lacunae witnessed in the Information Technology Act and about its provisions, which attract most of the cases. In this regard, the Department has stated that the IT Act is technology intensive and application motivated legislation, which with the changing technologies is facing challenges like collection of digital evidence, attribution of attacks to particular systems, anonymous and borderless cyber space and so on. To get over these challenges, the Department is providing training on cyber security, best practices and cyber forensics to people at different levels. The target groups include general public, law enforcement agencies and judicial officers. The Department is also in the process of expanding the scope of such training to cover all other wings of officialdom. The Government is also increasing the training infrastructure and the number of trainers in the country to create sufficient public awareness throughout the country about cyber security. Such steps would go a long way in strengthening cyber security to help prevent cyber attacks on our websites.
There is an urgent need to make the people aware of the system of reporting of cyber attacks and other related cyber crimes. Besides, equally important is maintenance of data relating to disposal status of the registered cyber crime cases. Simultaneously, law enforcement agencies like police, intelligence apparatuses and other security forces need to be sensitized intensively with the latest changing scenario in the computer and wireless technologies in order to keep pace with the evolving requirements to help secure the country’s cyber space and for that matter its security and integrity. It will also help check cyber crimes in general!
With the growing penetration of computer, ever expanding wireless telecommunications across the country and fast changing cyber security scenario, India’s vulnerability to growing cyber crimes is undergoing myriad technological changes, necessiting quicker and timely responses from the Government, academic institutions, scientific organizations and corporate sector so that, in the ultimate, the country’s all round security interest does not suffer. For this, a sustained public awareness campaign together with a constant vigil by all stakeholders is called for!
Tackling cyber security, a daunting task
M.Y.Siddiqui - 2011-10-08 05:27
Tackling cyber security has become a complex task for the official agencies in India in view of growing threats of hacking of vital websites of the Government of India and e-frauds with a bearing on country’s security and integrity. According to official sources in the Department of Information Technology in the Union Ministry of Communications and Information Technology, 106 Government websites including that of the Prime Minister’s Office, Defence Ministry, External Affairs Ministry and other vital establishments were hacked in 2008, followed by 201 official websites hacked in 2009 and 315 such websites hacked in 2010. The ever growing number of attacks were directed from a large number of countries, such as, the USA, UK, Mexico, Spain, Brazil, Turkey, Iran, Pakistan, China, Lebanon, Peru, Morocco, Japan, Korea, Saudi Arabia, Algeria, Nigeria and some other countries.