Conventional wisdom cites poverty and corruption as the main problems slowing India’s progress. But lax cyber security looks equally burdensome.
“It is inexplicable that India – a country so rich in technical expertise – has had its IT systems so thoroughly compromised,” writes Ulrik Mcknight for The India Site. Cyber attacks are common now, and countries have faced massive losses of sensitive information; yet India has been “particularly slow to react to this new everyday reality.”
Mcknight sees this as a “failure of leadership rather than a shortage of technical ability,”citing Indian officials who persist with gmail and iPads inspite of repeated proof their devices are compromised. The gist: our systems have welcome doormats for hackers.
So far, cyber attacks have been used primarily for information gathering, with China the most active transgressor. (“Know your Enemy”- Sun Tzu) But with an integrated techscape emerging, it’s not just credit card details at risk. A cyber attack could potentially shut down an enemy’s power grid, disrupt water supply, manipulate voting machines and stock exchanges.
Simon Elegant(Time) claimed the US was “still uncomfortable exercising” this power, “but the Chinese — and the Russians — are very comfortable with the deniability and using proxies, even though the actions of those proxies could have enormous strategic consequences.” (In short, Americans like to show off.)
Cyber attacks are difficult to pin on nation-states “because of the difficulty in tracking true identities in cyberspace” according to Wikipedia.Data bounces around multiple servers worldwide and countries can feign ignorance. But China denies nothing.
The Chinese are calling this “acupuncture warfare” according to Gurmeet Kanwal of IDSA (Institute for Defense Studies and Analyses). A term outlining how rooted with Chinese tradition this kind of warfare is:”The denial of information, strategic deception and the achievement of psychological surprise have for long been an integral part of Chinese military doctrine. The Chinese find information warfare extremely attractive as they view it as an asymmetric tool… to overcome their relative backwardness in military hardware. The Chinese are devoting considerable time and energy to perfecting the techniques of IW to target the rapidly modernizing Western armed forces… increasingly more dependent on the software that runs computer networks and modern communications.” Goodbye nuclear deterrence.
Not all are State sanctioned however; the system also breeds patriotic civilian hackers. A report of the US-China Economic and Security Review Commission found that cyber attacks in 2011 consisted of around 15 percent of daily global internet traffic; but on October 1, the figure “plummeted to about 6.5 percent”, which is China’s National Day – when “many workers take leave”.
In India meanwhile,there’s no infrastructure in place to encourage cyber coolies to learn relevant skills. (India does have a cyber army according to Rediff, but its actions so far have been “reactive, not proactive.”)Patriotic Chinese hackers are condoned by officials, but such an attitude is impossible to cultivate in India, where an upwardly mobile middle class nowadays prides itself more in its English fluency than its own languages.
But ignoramuses at the Center who did not deem cyber security fit for national attention thus far, are rightfully recognizing India as the lame deer trailing from the herd and reaching out to the private sector for assistance.
As of this December, according to Times of India, an autonomous “Institute of Cyber Security Professionals of India – along the lines of the Institute of Chartered Accounts of India (ICAI)”which will “make ‘cyber security audits’ mandatory for companies.” Following in US footsteps—which now has a cyber command headed by a General—India ”plans to open a Cyber Security Operation Centre, a 24/7 control room for real-time information and response.”
Right now, 150 engineers across the country are developing an Indian OS, expected to be operational in three years. Hopefully,by then, we will have ceased to be a punching bag for hacker novices looking to test their skills.