Digital India is under threat
Hackers are targeting us due to a weak cyber security set up
The second global ransomware attack in two months underlines the continuing vulnerability of India to cybercrime and the desperate need for further action on this front by the government. India was the largest victim of the Petya virus in Asia, with Symantec estimating nearly 20,000 organisations were affected. Given that so many private companies prefer to keep quiet about such break-ins or that they agreed to pay off the hackers, the extent of the damage to India is unclear. Ransomware, however, is here to stay. In both the earlier WannaCry and the present Petya attacks enough victims paid the hackers who were holding their databases hostages that this is now a viable criminal activity.
India is especially vulnerable to the new generation of cybercrimes. Here’s why: First, outdated software and ancient hardware still find use in India well after they are phased out in the rest of the world. Since older systems are more vulnerable, inevitably viruses and malware find India an easy target. Two, the government’s ambitious Digitial India schemes will oversee an enormous expansion of Internet connectivity and online economic activity. For example, the coming Goods and Service Tax Network will force the number of traders using computers to more than double. The biometric identity number, Aadhaar, has in theory brought a billion Indians into the cyber age and will be the basis for even more digital services, products and transactions. India has become a target-rich environment for hackers. Three, understanding of cybersecurity is abysmal. Avoiding pirated software, updating regularly and learning to avoid phishing are habits that need to become second nature among Indians. However, the National Digital Literacy Mission has been noticeable by its absence. Finally, India’s cybersecurity structure remains fragmented and incoherent. The appointment of a cybersecurity coordinator has helped, but the holder can only provide guidelines and has no genuine authority over India’s various cybersecurity bodies.
While the hard issues of cybersecurity are relatively obvious, it is also important to understand that sensible regulations on online privacy are also important. Without them, victims will tend to prefer anonymity, encouraging even more cybercrime to take place. The Narendra Modi government has a genuinely transformational vision of digitalising India. But this requires a much holistic view to succeed and part of this vision is getting a real grip on cyber security.