Is India’s Cyber Defense Mechanism Inept?

DQI Bureau

According to media reports, cyber attacks against Indian websites have increased manifold, raising the question of whether our cyber defence system is ineffective.


The Cabinet cleared an ambitious cyber security architecture in May 2013. But as per industry experts, the mechanism needs more enhancement. Despite having numerous meetings on the issue, there was little progress.

India's national security policy covers a host of subjects, from institutional frameworks for emergency response to indigenous capacity building, but it lacks depth.

According to the Center for Internet and Society, "Vague, cursory language ultimately prevents the policy from being anything more than an aspirational document. In order to translate the policy's goals into an effective strategy, a great deal more specificity and precision will be required. In forgoing basic definitions, the policy fails to define its own scope, and as a result it proves remarkably broad and arguably unfocused."


Not only is there a lack of coordination among government cyber security entities, but there is no mention of how the public and private sectors are to cooperate on cyber security information - other than oblique references to "public-private partnerships," it said.

"More interesting, however, is the question of liability for high-impact cyber attacks. To whom are private CII operators accountable in the event of disruptive cyber attacks on their systems? This legal ambiguity must necessarily be resolved in conjunction with the 'fiscal schemes and incentives' also alluded to in the policy in order to motivate strong cyber security practices among all CII operators and the public more broadly," the Center for Internet and Society added.

Startling Revelations


According to CERT-In (Indian Computer Emergency Response Team), 4,191 Indian websites were defaced or hacked into in August, 2,380 in July, 2,858 in June, and 1,808 in May. A number of these attacks occurred in the .in domain, whose servers are in India - 80% in June and over 60% thereafter.

The .in domain appears particularly vulnerable to attacks. Of the 2,380 Indian websites that were defaced in July, 1,511 were on the .in domain, and in June the number stood at 2,296 sites.

As per media reports, the top defacers India is battling are SA3D HaCk3D, h4x0r HuSsY, SanFour2S, BD GREY HAT HACKERS, Suwario, SpyDy, hasnain haxor, and CouCouM, among others. Their methods include stealing or sniffing passwords, injecting code that attacks data-driven applications, active eavesdropping (so-called "man-in-the-middle" attacks), and web shell uploading. Most of these techniques are used to scoop up information and then control the activities of the site. For commercial sites, the danger lies in industrial espionage.

In critical infrastructure, these attacks can have huge national security consequences.


NSCS' Role

The National Security Council Secretariat (NSCS) under deputy NSA (national security advisor) Nehchal Sandhu was supposed to create three centers of excellence on encryption and public policy.

The NSCS is also supposed to do other things, such as creating a testing infrastructure, building a threat intelligence system, investing in research and development on cyber security, and building a cadre of cyber security professionals.


Even though the government cleared the post of a cyber-coordinator whose job would be to integrate all the different strands of cyber defence policy, no action was taken as top bureaucrats were not on the same page.

The need of the hour is a strong cyber security policy so that India can counter such threats.

Meanwhile, the Center for Internet and Society also said that the "policy actually gets a lot of things right - at least as an aspirational document. It certainly covers plenty of ground, mentioning everything from information sharing to procedures for risk assessment / risk management to supply chain security to capacity building. It is a sketch of what could be a very comprehensive national cyber security strategy, but without more specifics, it is unlikely to reach its full potential."