According to the Indian Cybercrime Coordination Centre data Delhi had the highest number of cybercrime complaints in the country followed by Chandigarh, Haryana, and Telangana respectively. The national cybercrime rate is 129 per hundred thousand citizens.

Cyber Crime complaint helpline number is 1930. 16,597 police stations (99.9%), across the country, are covered by Crime and Criminal Tracking Network and Systems(CCTNS).

CYBER SECURITY: INDIAN SCENARIO

Cyber security environment in India is fast changing, facing many sophisticated cyber security problems and challenges, due to growing realisation of threats of cyber-attacks and cybercrimes.( false customer care numbers, fake refunds, KYC expiry, biometric cloning, sextortion scams, online booking, fake franchisee, QR code-based frauds.

In India there has been an increasing thrust on e-governance, IT enabled services in Public services (Government to citizen services, citizen identification, public distribution systems), Healthcare (telemedicine, remote consultation, mobile clinics), Education (eLearning, virtual classrooms, etc) and Financial services (mobile banking / payment gateways), etc seen as a cost-effective way of taking public services to the masses across the country.

There has been a boom in e-commerce, and many activities related to e-governance are now being carried out over the Internet. As we grow more dependent on the Internet for our daily activities, we also become more vulnerable to any disruptions caused in and through cyberspace.

Cyber threats can be disaggregated, based on the perpetrators and their motives: cyber espionage, cyber warfare, cyber terrorism, and cyber crime. Cyber attackers use numerous vulnerabilities in cyberspace to commit these acts. They exploit the weaknesses in software and hardware design through the use of malware, spam, phishing and social networking sites. Hacking is a common way of piercing the defences of protected computer systems and interfering with their functioning. Identity theft, ranging from abuse to financial frauds to cyber espionage is also common. . From that perspective, the challenge of non-state actors to national security is extremely grave. India, with respect to above context, is vulnerable to cyber espionage, cyber terrorism, cyber warfare and cyber crime and cyber security scenario in India is one of relative chaos and a sense of insecurity is arising out of the periodic reports of cyber attacks.

              GOVERNMENT INITIATIVES

National Cyber Security Policy -2013

Information Technology Act 2000

An Act to provide legal recognition for transactions carried out using electronic data interchange and other means of electronic communication, commonly referred to as “electronic commerce”, which involve the use of alternatives to paper-based methods of communication and storage of information, to facilitate electronic filing of documents with the Government agencies; promote the IT industry, regulate e-commerce, facilitate e-governance and prevent cybercrime.

The Government has established the Indian Cyber Crime Coordination Centre (I4C) to provide a framework and eco-system for Law Enforcement Agencies (LEAs) to deal with cyber crimes in a comprehensive and coordinated manner.

The Government has launched the National Cyber Crime Reporting Portal (www.cybercrime.gov.in) to enable the public to report incidents pertaining to all types of cyber crimes, with a special focus on cyber crimes against women and children.

A toll-free number 1930 has been operationalized to get assistance in lodging online cyber complaints. T

The Citizen Financial Cyber Fraud Reporting and Management System module has also been launched for immediate reporting of financial frauds and to stop siphoning off funds by fraudsters.

the National Automated Fingerprint Identification System to help with the interstate linkage of cybercriminals. “NAFIS will help in the identification of cyber criminals across the country,”

The Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre). The center provides detection of malicious programs and free tools to remove the same along with cyber security tips and best practices for citizens and organisations.

The National Cyber Coordination Centre (NCCC) to generate necessary situational awareness of existing and potential cyber security threats.

Indian Computer Emergency Response Team (CERT-In) issues alerts and advisories regarding the latest cyber threats/vulnerabilities and countermeasures to protect computers and networks regularly; it operates as the national agency to address the country’s cyber security and has helped reduce the rate of cyber attacks on government networks

Ministry of Electronics & Information Technology (MeitY) conducts programs to generate information security awareness. Specific books, videos, and online materials are developed for children, parents, and general users about information security which are disseminated through portals like “www.infosecawareness.in”, and “www.csk.gov.in”.

Law enforcement agencies and the Department of Telecommunications (DoT) started blocking International Mobile Equipment Identity(IMEI) numbers in 2023 to prevent cyber criminals from accessing the telecom network using their existing devices.

National Critical Information Infrastructure Protection Centre

NCIIPC is a central government establishment, formed to protect critical information of our country, which has an enormous impact on national security, economic growth, and public healthcare.

every government organization is headed by a skilled security leader, also known as Chief Information Security Officer (CISOs) — who can identify and document the security requirements that arise with each technical innovation.

approximately 90 security auditing organizations have been impaneled by the government for auditing the best practices of information security.

The New Telecommunications Act that requires all telecommunication service providers to identify their consumers through a “verifiable biometric-based identification” system. Acquiring SIM fraudulently using someone else’s identity proof will be punishable.

SUGGESTIONS

An enabling Legal Framework – Setting up of think tanks in Public-Private mode to identify gaps in the existing policy and frameworks and take action to address them. This includes addressing the privacy concerns of online users.  As the digital world is much more complex, there is a need to train judiciary, law enforcement agencies, and legal practitioners about cyber crimes, collection of digital evidence, and cyber forensics.

R&D – Creation of Centres of Excellence in identified areas of advanced Cyber Security and Centre for Technology Transfer to facilitate the transition of R&D prototypes to production, supporting R&D projects in thrust areas.

Security Incident – Early Warning and Response- Comprehensive threat assessment and attack mitigation by means of net traffic analysis and deployment of honey pots, development of vulnerability database.

Security awareness, skill development, and training – Launching formal Security Education, Skill Building, and Awareness Programmes.  Setting up of Centres of excellence in Cryptography, Malware Research, Mobile Security and Cyber Forensics,

Collaboration – Cyberspace is borderless and actions in cyberspace can be anonymous so there is a need to establish a collaborative platform, Focus on proactive and collaborative actions in Public-Private Partnership/think-tank for cyber security policy inputs, discussion and deliberations, operationalization of security cooperation arrangements with overseas CERTs and industry, and seeking legal cooperation of international agencies on cyber crimes and cyber security. Cyber Security requirements are quite dynamic and change with the threat environment. The threat landscape needs to be updated regularly to prevent emerging attacks. Collaboration among various agencies is needed to share information regarding emerging threats and vulnerabilities, the technical complexity of cyberspace and the availability of skilled resources, which would help in effective protection and prevention of cyber attacks.