Ads

Ads
Center Of Excellence (CoE) For Internet Of Things (IoT) In India

Friday, October 19, 2012

Cyber Security Research Centre Of India

We have consolidated our cyber security initiatives and cyber security research centre of India is an important part of the same. Our techno legal initiatives are unique in the sense that we manage both technical and legal aspects of cyber security.

We are hereby posting a media report about our initiative with prior approval. Hope our clients and various cyber security stakeholders would find this report useful.

Cyber crimes and cyber threats have changed the entire cyber security scenario. Previously firewalls and anti viruses were the notion of cyber security. Now cyber security responsibilities have become too tedious to be managed by a single person or institution.

Cyber security research and development is very crucial to strengthen cyber security of any institution and nation. Cyber security is a constant procedure thus we need to learn, adapt and improvise our cyber security initiatives and efforts on regular basis.

The need for cyber security research centre of India was imminent. Thanks to the efforts of private players, Indian cyber security research centre is no more a fiction. The exclusive techno legal cyber security research centre of India has already been functioning in India for long.

The present cyber security environment of India needs effective skills development to deal with growing cyber threats against India. There are numerous vexing cyber security issues in India that requires attention at the highest level. Further, cyber security laws in India and cyber security policy of India must also be formulated.

Cyber security issues and problems of India require techno legal solutions as neither technical nor legal solution in itself is sufficient. Further, participation of private players is also needed to strengthen cyber security of India as managing India’s cyber security problems, issues and challenges cannot be left for the Indian government alone to tackle.

A special attention must be given to critical infrastructure protection of India. Recently Indian government proposed establishment of national critical information infrastructure protection centre (NCIPC) of India that can help in protecting critical infrastructure of India.

In these circumstances the initiatives and efforts of Perry4Law Techno Legal Base (PTLB) are really praiseworthy. PTLB has established the exclusive techno legal cyber security research and development centre of India. This cyber security centre is the first of its kind in India and world wide.

The cyber security centre is a good blend of legal and technical capabilities of PTLB that makes it unique and very effective. Through its skills development and training initiatives, it would ensure offensive and defensive cyber security capabilities for India and other nations. Let us hope that this cyber security centre of PTLB would be an integral part of all cyber security initiatives of Indian government.

Source: Cyber Laws In India

Wednesday, October 17, 2012

Cyber Security Laws In India

Cyber security, cyber forensics, etc are fields that require techno legal expertise to manage. The growing cyber security issues in India and demand for cyber forensics in India has increased the demand for techno legal skills development in India.

At Perry4Law and Perry4Law Techno Legal Base (PTLB) we have been ensuring legal enablement of ICT systems in India for long. We are also managing exclusive techno legal centre of excellence for cyber crimes investigation in India, techno legal centre of excellence for cyber forensics in India, cyber security research centre of India, etc.  In this work we are discussing the cyber security laws of India.

The debate between self regulatory environment and a regulatory environment has always been a part of technology related laws. Some believe that issues like cyber law, cyber security, cyber forensics, etc must be regulated by the government whereas others believe that they should be left to individuals and organisations as self regulatory mechanisms.

In this present fragile and dangerous cyberspace it would not be advisable to leave everything upon self regulation mechanism. Issues like cyber law, cyber security, cyber forensics, etc deserve to be regulated at national and international level.

We have no legal framework or laws for cyber security in India. Of course, a few provisions have been incorporated in this regard in the information technology act, 2000 of India that is the sole cyber law of India. However, we need express and dedicated cyber security legislation in India as soon as possible.

Even the cyber law of India needs to be upgraded and strengthened. We need stringent provisions against cyber criminals and not the soft provisions that are presently incorporated in the Indian cyber law. By making the offences and cyber crimes “bailable” India has made its cyberspace a “free zone” and “safe heaven” for cyber criminals and cyber offenders.

It seems the problems of Indian cyber security are multi facet in nature. We do not have sufficient laws, we lack proper strategies and policies, and we do not care much about cyber security.

To start with we must formulate a pro active cyber security policy of India. Then we must proceed towards strengthening our existing cyber law and enacting an effective cyber security law of India. The sooner we consider these issues the better it would be for the cyber security of India.

Monday, October 8, 2012

Techno Legal Initiatives Of Perry4Law And PTLB

Techno legal issues pose special challenges before all nations. This is so because these issues are complex combination of both technical and legal issues. At Perry4Law and Perry4Law Techno Legal Base (PTLB) we have been spearheading many world renowned techno legal initiatives.


Similarly, on the education, trainings and skills development front as well Perry4Law and PTLB have been managing many initiatives. For instance, the exclusive techno legal e-learning in India is managed by PTLB whereas highly specialised and domain specific trainings and education is managed by Perry4Law techno Legal ICT Training Centre (PTLITC).  


We are also discussing important issues pertaining to international ICT policies and strategies. Similarly, techno legal issues are specifically discussed at PTLB blog. We hope these initiatives would prove useful to all stakeholders.

Source: ICTPS Blog

Sunday, September 30, 2012

Cyber Security Issues And Challenges In India

Cyber Security in India is one area that has to be given top priority by Indian government. The Cyber Security reflections in India prove this point. There are many policy related issues that Indian government must urgently take care of.


A special focus upon Cyber Security for Power Energy and Utilities in India must be given. Power Grids Cyber Security in India and its Challenges has emerged as special area of concern and India is clearly not in a position to defend its power infrastructure.

There are numerous Cyber Security Challenges in India that are still unredressed. Further, India's Cyber Security Challenges are unique to Indian conditions and they require local treatment and solutions. Cyber Security Issues in India require a dedicated effort on the part of Indian stakeholders. Even the Cyber Security Firms, Companies and Consultants in India Must be Pro Active.

Cyber Security in India and its challenges and Problems require urgent attention of Indian government. We have already wasted enough time in this regard and it is high time for India to do some actual groundwork as conducting of conferences and seminars would not bring any favourable change towards establishment of cyber security capabilities of India.

Thursday, August 9, 2012

Cyber Security Challenges In India

Cyber security issues in India have added a new variety of challenges for India. Till now cyber security in India and its challenges and problems are well known and India has also realised that urgent attention in this direction is needed. For instance, the cyber security challenges for the smart grids in India were realised during the recent power outrage in India.

This is just the beginning of the cyber security journey of India. Critical infrastructure protection in India is not undertaken in the manner required. Even we have no critical ICT infrastructure protection policy of India  that can provide norms and best practices for critical infrastructure protection in India.

On top of it, stealth and sophisticated malware like Stuxnet, Flame, Shamoon and Duqu have already proved that critical infrastructures around the world like power grids, nuclear facilities, satellites, defense networks, governmental informatics infrastructures, etc are vulnerable to both known and unknown cyber attacks.

There are many concepts that were not even acknowledged by India a few years back. For instance, concepts like cyber warfare against India and its defenses, cyber terrorism against India and its defences and solutions, cyber security in India and its challenges and problems, cyber espionage against India and its challenges, solutions and defences, etc were never considered to be a threat by India.

Now it is well known that these concepts are not just theoretical concepts but actual and potential threats to any nation. India has also realised this bitter truth that also without much loss of crucial information and data.

Of course, strategic computers at Indian defence forces, governmental departments, etc were successfully breached and compromised. In many cases, India was not even aware of such compromise and there may be incidences where such compromise are still present and are undetected.

As on date we have neither a strong cyber law nor effective cyber security capabilities in India. Further, if we analyse the cyber security reflections the trend is really troublesome. The cyber law, cyber crimes and cyber security trends by Perry4Law and Perry4Law Techno Legal Base (PTLB) have shown the loopholes of Indian cyber security capabilities.

We at Perry4Law and PTLB strongly recommend that Indian government must stress really hard upon developing both defensive and offensive cyber security capabilities. The sooner it is done the better it would be for the national security of India in general and cyber security of India in particular.

Thursday, August 2, 2012

Cyber Espionage Against India And Its Challenges, Solutions And Defences

If we analyse the Cyber Attacks Trends against India for the past few years it would be apparent that the frequency and sophistication of these Cyber Attacks has increased and developed a lot. The Cyber Attack by the Chinese Crackers at the computers in the Prime Minister's Office (PMO) of India in December 2009 is one such example.

In this incidence, the Crackers targeted India's key National Security Peoples including National Security Advisor M.K. Narayanan, Cabinet Secretary K.M. Chandrashekhar, PM's Special Envoy Shyam Saran and Deputy National Security Advisor Shekhar Dutt. The four and up to 26 others were specifically targeted in the Cracking exercise that was very successful.

The Cyber Espionage attack was very sophisticated and well executed. The E-Mail was routed through multiple proxy servers to defeat the Traceability. The Cracking Spyware was embedded in a PDF document to get it executed once opened. The Trojan Malware was programmed to carry out multiple functions, including downloading malicious files, accessing E-Mails and passwords and also accessing the desktop from a remote location.

In another incidence, it was reported that the Chinese Intelligence Agencies may have planted Malware in Computers and broken into the Headquarters of 33 Corps, the Army formation looking after most of the North-Eastern border with China. The Cyber Intrusion also planted a Trojan Horse to give Chinese Agencies remote access to the computer network at the 33 Corps Headquarters in Sukhna, near Siliguri, West Bengal.
 
In another incidence, many Computers of the Home Ministry were found infected with Malware. Reacting sharply, but wrongly, to these developments, the Union Home Ministry decided to ban the use of Internet by the lower rank staff up to section officers.

This was a “Defective Strategy” as banning use of Internet or Technology rather then developing Cyber Security Capabilities in India can never be a good choice. It is better to “Train” the staff rather than prohibiting them from using Internet.

The Home Ministry was barking the wrong tree as Security through Obscurity and Non-Access in itself and without further steps to develop Cyber Skills and Capabilities is a bad choice. The Government of India must concentrate upon “Capacity Development” of not only its employees but also its core Departments and Offices in order to tackle Cyber Espionage Attacks. Thus, Cyber Security Capabilities of India must be strengthened as soon as possible.

Cyber Espionage may be committed by an Insider or an outsider with the help of Internet and Computer. The problem is that Cyber Espionage is inexpensive and relatively easy to commit and it is also difficult to prove with absolute certainty. This is more so regarding “Authorship Attribution” that can pin point the liability to a Nation/Individual/Organisation.

Authorship Attribution is an important aspect of “Determining the Culpability” of an offender where the means to commit the offence are common and accessible to many people simultaneously. Data Mining and Profiling of the accused to “Attribute Culpability” to him/her alone is an emerging area of Cyber Crime Investigation but it is still far from perfect.

Having an effective Cyber Security Mechanism at place can help in prevention of majority of Cyber Espionage issues, but there is no full proof method of preventing Cyber Espionage. With adequate resources and time, a Cracker can penetrate and exploit the intended target.

The Cyber Security Policy of India must be urgently formulated that must incorporate provisions regarding Cyber Warfare, Cyber Terrorism, Critical Infrastructure Protection, Cyber Espionage, etc. In the ultimate analysis, enhancing Cyber Security of India is the ultimate solution.

Cyber Security In India: Its Challenges And Problems

Cyber Security in India is gaining importance day by day. However, the same is not a result of any Cyber Security Policy of India but due to the problems that India is facing. India has for long ignored Cyber Security aspect and this has caused tremendous loss to it. Now Cyber Security Problems of India have reached a stage where if immediate action is not taken, it may cause irreversible and irreparable loss to India.

The chief problem that India is facing from cyber front pertains to threats emanating form Cyber Warfare field. Cyber Warfare against India and its Defences is one area that requires special attention of our Policy Makers. We need a dedicated work force to take care of this sensitive and crucial field.

Another concern that is repeatedly conveyed to Indian Government is that Critical Infrastructure Protection in India is needed. As on date India is not vulnerable to Cyber Attacks targeting Critical Infrastructure of India. However, this is not because India has advance Critical Infrastructure Protection (CIP) Mechanism at place but because India has outdated and ancient Infrastructure at place. The moment modern and ICT enabled Infrastructure would be used by India to support its Critical Infrastructure, the problems of India would increase manifolds.

For instance, the recent power failure of India has raised concerns not only in India but also World wide. Although the power outrage was claimed to be caused due to Defective Power Infrastructure, yet even in modern Power Infrastructure such a situation can occur. Cyber Security of automated Power Grids of India has not been contemplated by Indian Government so far.

Sophisticated Malware like Stuxnet and Duqu have already proved that Critical Infrastructures around the World like Power Grids, Nuclear Facilities, Satellites, Defense Networks, Governmental Informatics Infrastructures, etc are vulnerable to diverse range of Cyber Attacks. The truth is that Cyber Attacks are affecting Indian Critical Infrastructure and we are not even aware of the same.

Another area that must be on “Priority List” of Indian Government pertains to Cyber Terrorism. Cyber Terrorism against India and its Defences and Solutions has not been developed by India so far. This must be done now to prevent any further loss due to activities of Cyber Terrorists against India.

We must develop Cyber Security Capabilities of India as soon as possible. Further, we must also keep in mind the Importance of Cyber Forensics for India. Keeping this in mind, development of suitable Cyber Forensic Investigation Solutions in India are needed to Prevent and Defend various types of Cyber Attacks.

The list is endless and this article is not intended to cover all the aspects of Cyber security Problems of India. However, the top three Cyber Security Problems of India have been discussed by me. I would discuss more in this regard in my subsequent articles.

Cyber Terrorism Against India And Its Defences And Solutions

Cyber terrorism in India is not a new concept. However, for long concepts like cyber warfare, cyber terrorism, etc were not taken seriously by Indian government. Naturally, cyber security in India also could not flourish. The cyber security capabilities of India also could not develop in such circumstances.

Techno legal experts of India have been warning against growing incidences of cyber attacks, cyber crimes, cyber espionages, etc against India. Further, the fact that critical infrastructure protection in India is needed has also been reiterated from time to time.

Sophisticated malware like Stuxnet and Duqu have already proved that critical infrastructures around the world like power grids, nuclear facilities, satellites, defense networks, governmental informatics infrastructures, etc are vulnerable to diverse range of cyber attacks. The truth is that cyber attacks are affecting Indian critical infrastructure and we are not even aware of the same.

The cyber law, cyber crimes and cyber security trends by Perry4Law and Perry4Law Techno Legal Base (PTLB) have shown the loopholes of Indian cyber security capabilities. It is high time to plug in these loopholes and deficiencies of Indian cyber security capabilities.

Menaces like cyber terrorism and cyber warfare cannot be effectively tackled till we have both offensive and defensive cyber security capabilities. Further, cyber crisis management plan of India must be urgently formulated and effectively implemented so that cyber terrorism can be prevented in India.  

These anti cyber terrorism solutions must be implemented by India as soon as possible. Cyber security skills development in India must also be ensured so that we have a skilled cyber security workforce in India.

Wednesday, August 1, 2012

Critical Infrastructure Protection In India Is Needed

Critical Infrastructure is backbone of any Nation and if they are targeted then loss of tremendous nature can occur. It is also not necessary that critical infrastructure is attacked through physical presence at the place of critical infrastructure.

These days’ critical infrastructures are managed by information and communication technology (ICT). For instance, the supervisory control and data acquisition (SCADA) systems are the new cyber attack battlefield for cyber criminals and rouge nations. In these circumstances, protection of critical infrastructure of India is of utmost importance.

Critical infrastructure protection (CIP) in India is an integral part of cyber security of India and the same must be a part of cyber security policy of India as well. Similarly, critical ICT infrastructure protection in India is also urgently required.

Malware like Stuxnet and Duqu have already proved that critical infrastructures like power grids, nuclear facilities, satellites, defense networks, governmental informatics infrastructures, etc are vulnerable to sophisticated cyber attacks. The truth is that cyber attacks are affecting Indian critical infrastructure.

We have no dedicated and implementable critical ICT infrastructure protection policy of India. Even we have no implementable cyber crisis management plan of India as on date. Although constitution of a national critical information infrastructure protection centre (NCIPC) of India has been suggested yet its constitution may still take decades. Till then the critical infrastructure protection (CIP) and homeland security (HS) of India would remain in doldrums.

It is high time to consider the cyber security reflections and work towards strengthening of cyber security of India. Further, issues of cyber warfare against India and its defenses must also be considered as cyber warfare against India is no more a fiction but a reality. Perry4Law and Perry4Law Techno Legal Base (PTLB) hope that Indian government would consider these recommendations as soon as possible and act accordingly.

Tuesday, July 31, 2012

Cyber Warfare Against India And Its Defenses

Cyber Warfare is a concept that is well known at both national and international levels. In one form or other and in lesser degree or more, Cyber Warfare has been accepted as a reality in the present Cyber World. However, Cyber Warfare concept still haunts the international community and till now we have no dedicated Legal Framework for Cyber Warfare at international level.

Till Harmonised Cyber Warfare Legal Framework emerges, piecemeal efforts would try to fill the void in this regard. Not very late NATO requested Cyber Security cooperation form India. We should not wait for others to develop our own Cyber Warfare Capabilities in India. In fact, Cyber Warfare Policy of India must be urgently formulated and immediately implemented. The same must be part and parcel of India’s National Cyber Security Policy.

Cyber Security in India needs to be strengthened keeping in mind the growing cases of Cyber Attacks and Cyber Espionage attacks against India. Even Cyber Warfare against India is well known and is not new. Ensuring 100% cyber security is next to impossible. However, we can minimise Cyber Attacks. India has remained indifferent towards Cyber Security for long. This resulted in poor Cyber Security Capabilities and Expertise. It is only now that India has paid attention to this crucial field and it is still not too late.

India should definitely step up/accelerate its efforts to strengthen Cyber Security along with Traditional National Security Capabilities. Internet and Hidden Internet has opened new frontiers and unforeseen challenges before India. Internet is increasingly been used to not only propagate Terrorism propaganda but also to recruit new Terrorists.

To tackle Terrorists’ use of Internet, International Cooperation amongst Governments, Organisations, Internet companies and telcos could be helpful. For the time being, Cyber Criminals/Terrorists are one step ahead of various Governments and International Cooperation activities.

New technologies have also caused problems for India. For instance, Voice-over-Internet Protocol (VOIP) is one of the technical challenges that Law Enforcement and Intelligence Agencies across the world are finding difficult to tackle. However, of late strong Encryption usage has emerged as more troublesome that VOIP. Further, VOIP can be intercepted in certain circumstances.

Developing of Cyber Security Capabilities and Expertise is immediately required in India. There is also an urgent need to develop both Preventive and Offensive Cyber Security Capabilities of India. The sooner it is done the better it would be for the National Security of India.

Advertisement Space- Bid Now

Advertisement Space- Bid Now