Amid Chinese Cyber Threat, How’s India’s Cyber Resilience Looking?

The news Chinese ‘Red Echo’ has targeted India’s ten power stations and two ports, which has become a threat to Indian cybersecurity agencies. Also, it has raised some serious questions on Indian cybersecurity’s proactiveness. 

The New York Times has stated that the cyber-attack by a Chinese state-sponsored group could be the reason for a massive power outage in Mumbai of Maharashtra on 13th October 2020. The Government of Maharashtra has also indicated that this deliberate and malicious act was the reason. However, the Union Power Minister of India has thoroughly declined all such claims. 

However, it is a fact that there have been attempts by state and non-state actors to infiltrate India and its civilian, nuclear, and defence infrastructure for espionage, information theft, showing strength and strategic posture.

It is also a fact that India has robust cybersecurity and intelligence infrastructure. But, all these facts are not disclosed due to confidentiality and secrecy purposes. Also, India is not popular for its aggressiveness through cybersecurity. 

We have looked into the different cybersecurity threats that India has faced till now and how various ministries and the Prime Minister’s office have also been a part of these issues. 

Cyber Attacks on India

India has received endless cyber-attacks over the last decade. And most of the time, attackers have targeted Indian civilians and defence infrastructure. And, that has been a big issue for India. Here are some of the major attacks that have been a headache for India and its ministries. 

Sea Ports and Power Plants in 2020

The temperature was high between India and China at the line of actual control (LAC) in 2020. At that time, a China-based cyber attacking group named ‘Red Echo’ had attacked a minimum of 10 assets of India’s vital power sector. 

That’s not it; they have attacked two seaports. A US-based cybersecurity company started the report. 

Apart from these assets, the Chinese cyber threat has also affected the state load Despatch centres (SLDC). Along with that, Regional Load Despatch Centers of India have also been targeted by a china cyber attack. The role of these Despatch centres is to make sure that real-time integrated operation of India’s power grid through balancing electricity supply and demand. They operate to maintain a stable grid frequency. 

Cyber attackers have targeted several other thermal power corporations. Such thermal power corporations include NTPC, known as National Thermal Power Corporation Mumbai Port, VO Chidambaranar port in Tamilnadu. 

2019 – Kudankulam Nuclear Power Plant

The NPCIL (Nuclear Power Corporation of India Limited) is located in Tamilnadu and operates the Kudankulam Nuclear power plant. The corporation has also stated on 30th October that it has identified the malware in NPCIL. This acceptance of this kind of attack came after denial on 29th October. On 29th October, NPCIL announced zero possibilities of an attack on the Nuclear Power Plant Control System.

It is later found that the main culprits behind the Kudankulam attack were North-Korea-based hackers. They targeted the nuclear power station to steal specific information. And as per the media reports, they were successful in stealing technology-related data from the IT systems of the plant. 

Cyberattack on NSE (National Stock Exchange) In 2015

The NSE is the biggest stock exchange in India. It is popularly known as Nifty. In 2015, an Indian IT firm was allegedly targeted by a cyberespionage group. This IT firm provides support to the National Stock Exchange (NSE). In 24 months, the various Indian Government and private firms have been victims of a sustained and highly targeted cyber attacker group named ‘Suckfly.’ 

The SuckFly was tracked by a Cybersecurity organization named Symantec in April 2014. The firm believes that it is a Chinese cyber espionage group that stole and used digital certificates to target the internal networks of India’s Government and private organizations. Also, in the year 2015, the same espionage group has attacked an Indian e-commerce firm. It is found in the investigation that the malicious actors have first identified a user and an employee of the company to start its breach into the internal network of the e-commerce company. 

Institutional Cyber Security and Resilience Set-up of India

For a very long time, India has successfully created an inter-ministerial ecosystem that handles cybersecurity institutions. Some institutions come under the Prime Minister’s Office (PMO), and some report to the various ministries. 

However, the current legal framework of dealing with cyber-security is decentralized. Various agencies are responsible for several aspects of India’s cyber resilience. To classify them, it can be said that several agencies focus on civilian cybersecurity and some agencies focus on military cyber resilience of systems and networks. 

Under Prime Minister’s Office (PMO)

1. National Critical Information Infrastructure Protection Centre (NCIIPC)

NCIIPC is the national nodal agency that the Indian Government established in 2014. It was built to protect all measures of India’s critical information infrastructure. It comes under the National Security Advisor (NSA) in the Prime Minister’s Office and a National Technical Research Organization (NTRO). The NCIIPC’s target is to protect the nation’s critical information and deliver advice. 

2. National Cyber Coordination Centre

The operation of the National Cyber Coordination centre is to coordinate with the various agencies at the national level for cybersecurity matters. It is one of the classified projects of the Indian Government, and it operates as an operational e-surveillance and cybersecurity agency in India. The National Cyber Coordination centre helps to reduce online threats and handles national security. 

3. National Security Council

It was established by the former prime minister of India, Atal Bihari Vajpayee, in 1988. The national security council serves as a coordinating body for cybersecurity and internet governance. The chairman of the national security council is the national security advisor of India, who also chairs the national information board. 

Under Ministry of Electronics and IT -MeitY (CERT-In)

The Computer Emergency Response Team India (CERT-in) operates as a national nodal agency for responding to computer security occurrences. The primary role of the CERT-In is to spread awareness about cybersecurity across the nation. Also, it helps to provide technical assistance and in recovery for cybersecurity happenings. According to the organization, it completes both kinds of roles, such as Proactive and Reactive. 

Under Ministry of Defence (Defence Cyber Agency)

It is a newly formed agency by the ministry of defence. It was established in 2019 and set up as a tri-service agency to protect the nation’s defence sector as far as cybersecurity is concerned. Tri-service means it forms an agency by the three defence branches- the army, the navy, and the air force. The agency includes 1000 professionals from all these three branches. The first head of the Defense Cyber Agency is Rear Admiral Mohit Gupta. 

Conclusion

The cyber threat has become a big issue for India and its various Government and private organizations. Now, it is high time for the Government to look into the matter of civilian cybersecurity threats. The requirements of high cyber resilience are rising, and it is also imperative to provide basic awareness about cybersecurity across the nation.