The recent attack on more than 25 websites of Assam government departments has again shown up how vulnerable the country is in terms of cyber security. Hackers broke into and defaced websites belonging to the Assam Police, Public Health Engineering department, the directorate of Elementary Education, Sarba Siksha Abhijan Mission, Accountant General’s office and some other government departments. As a precautiory measure, these websites were disabled and taken off the Net. The State Information officer has said the security system will now have to be strengthened manifold to safeguard websites. This incident is said to be the latest episode in a running cyber battle for nearly a month between Pakistani and Indian hackers. The present wave of attacks began with Pakistani hackers knocking out several websites of Kerala and Chhattisgarh governments, while Indian hackers retaliated by breaking into some Pakistani government websites. Reportedly, Pakistani hackers wanted to show up the vulnerability of Indian cyber systems and thereby embarrass the rendra Modi government — which is staking a lot of prestige abroad in its Digital India drive. Experts of the tiol Informatics Centre (NIC) are now investigating how security walls devised around government websites it has been hosting, were breached so easily.
The common refrain among many cyber experts is that Indian websites have low security threshold because government agencies are not willing to invest much on this aspect. Recruiting IT experts skilled in cyber security and updating websites with the latest security systems figure very low in the scheme of things of government agencies here. Defending important locations in physical space with foolproof security protocols is something governments in this country have always been found wanting. So when it comes to defending our assets in cyberspace, government agencies appear to be even farther behind the times. The Union government set up the ‘Indian Computer Emergency Response Team’ in 2004 to prevent cyber attacks on Indian assets. But with the number of attacks crossing 13,000 within seven years, a new subdivision, the tiol Critical Information Infrastructure Protection Centre (NCIIPC) was created to thwart attacks against the country’s energy, defence, space, banking, telecom, transport and other sensitive sectors. Such efforts will have to be augmented greatly in the coming days as the Central government begins its Digital India push to make government services available online to all citizens. This will require linking up towns and cities along with over 6 lakh villages across the country by broadband lines and making enormous databases available on the internet. But the awareness about cyber security is yet to percolate down to state, district and lower administrative levels.
Considered an IT superpower with enviable software skills, India has no dearth of talented youths who can be drafted as cyber defenders. Two years back, the Union Information Technology ministry had estimated that the country will need at least 5 lakh cyber security professiols by 2015 — but their number at present is hardly 50 thousand. Cyber security, ethical hacking, cryptography and other such subjects get lower priority in computer science and information technology curricula being offered by institutes across the country. Adequate numbers of qualified trainers and necessary infrastructure are missing to train up professiols in a field where hardware and software change every 18 months on an average. In Prime Minister Modi’s words, being online or offline will soon be the only status to matter in an increasingly networked world. But crooks and terrorists will lurk in greater numbers in the cyber world, while countries will spy upon rivals, steal their data and seek military advantage through cyber warfare. As cyber crimils elsewhere create ever more diabolic viruses, worms, Trojan horses and other devises to penetrate and compromise information systems and computer networks, cyber defenders need to outthink them and stay ahead in the game. Chi has invested heavily in cyber espioge and warfare, with a long term perspective to match the US. As India tries to catch up, state governments cannot afford to be ignorant and laid back about cyber security.