Cyber terrorism is the convergence of terrorism and cyber space. Any attack which hampers the normal functioning of the infrastructure.
Generally critical infrastructure is targeted. Situation creates panic, denial of service, loss of financial and personal data.
Some tactics used:
1. Hacking: most popular method used.
Any kind of unauthorized access to a computer (sniffing, packet analyser)
2. Trojan
3. Computer Viruses. (Acomputervirus attaches itself to aprogramorfileenabling it to spread from one computer to another, leaving infections as it travels)
4. Computer Worms (Worms spread from computer to computer, but unlike a virus, it has the capability to travel without any human action. Capacity to replicate in system)
5. Cryptology. Terrorists have started using encryption, high frequency encrypted voice/data links etc. It is tough to intercept and identify.
IMAGINE a situation when in a cyber war suddenly:
* Telephone NWs Collapse
* Satellites out of Control
* Oil Refineries
* Collapse of Financial Services
* SCADA Systems Controlling Power Grids Collapse (http://en.wikipedia.org/wiki/SCADA)
* Collapse of Health and Civic Services
* AIR TRAFFIC CONTROLL Management Collapses
* Defence Forces
* Railway Traffic Control Collapses
* Chemical Plants
Problem is: There would be no responsibility. These attacks will appear to have come from all over the globe as also servers within the country. There would be nobody who could be definitely identified.
FOR more: http://www.idsa.in/system/files/book_indiacybersecurity.pdf
Some steps/agencies created by government to protect IT infra.
* National Informatics Centre (NIC).
Provide network backbone
Manages IT services, E -GOV initiatives to central and state governments.
* Indian Computer Emergency Response Team (Cert-In).
Cert-In is the most important constituent: aimed at security incident prevention and response and security assurance.
14000 Indian sites and 250 around gov sites were hacked (cert in reported)
* National Information Security Assurance Programme (NISAP).
For Government and critical infrastructures
* Government and critical infrastructures should have a security policy
* Essential to implement security control and report security breach
* To cert-In
* Cert-In will have auditor panel to inquire about security; third party audit too.
* Indo-US Cyber Security Forum (IUSCSF).
* Formation of India Information Sharing and Analysis Centre (ISAC) for anti hacking.
* India Anti Bot Alliance to raise awareness about cyberspace (CII)
* India's Standardization Testing and Quality Certification (STQC) and the US National Institute of Standards and Technology (NIST) will join hands in matter.
WHAT ARE THE PROBLEMS WE FACE
* LACK OF AWARENESS
* AGE OLD CYBER LAWS
* NO TRAINED MANPOWER DESPITE OF IT HUB
* DEARTH OF CYBER SECURITY EXPERTS
* POLICY RELATED TO THE EMAIL ACCOUNTS OF SERVING PERSONNELS
NEW CYBER POLICY IN BRIEF 2013
1. To build secure and resilient cyber space
* Creating a secure cyber ecosystem, generate trust in IT transactions
* 24*7 NATIONAL CRITICAL INFORMATION INFRASCTRUCTURE PROTECTION CENTER (NCIIPC)
* Indigenous technological solutions (Chinese products and reliance on foreign software)
* Testing of ICT products and certifying them. Validated products
* Creating workforce of 500,000 professionals in the field
* FISCAL Benefits for businessman who accepts standard IT PRACTICES
FOR MORE: http://deity.gov.in/sites/upload_files/dit/files/National%20Cyber%20Security%20Policy%20(1).pdf
Department of Electronics and IT will be the nodal ministry, other stakeholders like Ministry of Defence, National Technical Research Organisation (NTRO) Defence Research and Development Organisation (DRDO) will also play major roles in implementing this policy.
A national cyber coordination centre will be coming up soon.
KEY words:
CERT-IN
CYBER SPACE
ICT
NCIIPC
IUSCF
NIST
NISAP
ISAC
SCADA
From:
MAHARSHI RAVAL
