Ticker

6/recent/ticker-posts

Header Ads Widget

Responsive Advertisement

Cyber security , Botnet , VPN , India cyber security challenges , General studies , ICT , UPSC ESE

NIK BLOGS June 03, 2021


 

Cyber wall 

  • It is a type of cold war in which there is cyber attack by one country on other country. One such cyber war took place when it was found that Iran was making a nuclear bomb to attack on America in response America launched cyber nuclear bomb named stuxnet on Iranian power Grid. It completely destroy Iranian power Grid and also affected more than 50% computers of the world ,this led to an all-out cyber wall in world. 
Malwares 

Malwares are malicious software that have negative result only. 

  1. Virus : vital information resource under seize ,  a virus can spread through contact only and if there is no contact then the virus does not affect. The virus can appear through malicious websites or malicious emails. The virus can affect particular program first uses its computing power then start multiplying itself when it reaches its peak number then most of the computing power is utilised by virus only. Security from viruses is antivirus. It works by identification of digital signature of virus. Since each virus type has a unique digital signature. 
  2. Worms : it does not need contact to spread. It can appear in the system without any contact start multiplying itself using computer power to affect entire system. Worms generally come through cache memory in the form of cache files, best security from worm is to regularly delete the cache files. 
  3. Trojans: they appeared as an attractive program that become dangerous after downloading it. It can appear in the form of the heavy discounted product, lottery or an attractive image ,etc, after clicking on it, it can download the spyware or spread virus in the system. One such trozen affected India in 2016 named beebon virus. It appeared as a promise to remove virus from the system but it ended up downloading the spyware. 
  4. Spyware :it appears automatically without info and start copying the sensitive files and data to send it to another third party ,it is nearly impossible to find out about the third party to which it send the data.
  5. Adware : it appears as a popup window and cant be removed easily ,only way to remove it is by force shutdown of computer, but due to this the current running program are also removed.
  6. Ransomware : it encrypts the sensitive file of computer and demand ransom to decrypt it. Generally ransom demands in the form of bitcoin so that  Identity of user should remain hidden, if the ransom is not paid on time ,then the data destroy itself automatically. In 2018 India and the world get affected by three ransome ware that are wanna cry , petya , Loky. 
Cyber scam 

  • A cyber scam is illegal financial transaction by gaining sensitive information such as Bank account number, password ,etc through illegal means. 
  1. Phising : it appears in the form of email or message that may be a claim of fake lottery ,fake heavey  discounted product, fake job offer etc. It tries to gain sensitive data to transact money. It can also gain sensitive data to get crucial information. 
  2. Vishing: it also works like phising that is try to gain sensitive data but appears in the form of telephonic conversation. 
  3. Spoofing : it appears in the form of another party to gain sensitive data so that it can make illegal financial transaction. 
Botnet 

  • They are made up of two words that are robot and network. Botnets can perform multiple functions such as making illegal financial transaction, making DDOS attack ,copying sensitive data to send it to another party etc. Botnets can't be removed by any means. 
DDOS attack (distributed Daniel of services) 

  • In this attack all the devices are affected by botnet ping at a particular website at the same time so that the server denies the services, one such DDOS attack took place in India in 2018 name was saphosi,  another such attack took place in 2016 at Maharashtra its name was mirai. 
Cyber swachhata Kendra 

  • It is an institution launched by MEITY (ministry of electronics and information technology )to remove botnet and analysis of malware  in the cyber environment of the country. 
Gravity RAT - Remote access Trojan 

  • It is a Trojan program that appeared as a friendly program but it ended up downloading spyware ,it was launched by Pakistan on Indian cyber environment to track sensitive data. Later on it was detected by CERTIN and then removed it. 
Cyber tools 

  1. Firewall :a firewall is able to protect the system from external threat acting as security from network, it can also protect from spreading of threat from one part to another part. Therefore a firewall can act as a system security and network security, both firewall are of two types:
  • Host firewall :it is a software only that protect the system from external threat. 
  • Network firewall: it is a combination of hardware and software both ,it can protect from external threat and also it does not allow banned IP address data to pass through a firewall, can be applied against a particular website or a particular content also. 
VPN -  virtual private network 

  • VPN is a important cyber security tool to bypass a local ban on a particular type of data. VPN is used by installing a third party service between the system and real server, data instruction is passed through this real server only so that the IP address can change. There for VPN can be used to access restricted data in a particular geography .
  • It can also be used to access sensitive data by the employee of an office when he or she is outside the office. 
  • VPN is also used for faster access of data and it provides data in encrypted form so that it cannot be accessed by a third party. 
Microsoft defender 

  • Launched in Windows 10. It is protection tool for system from external attack such as virus attack, worm attack and spyware attack etc. It is integrated free of cost with Windows 10 and it updates itself regularly also. 
Avast
  • It is a cyber security tool that protects the system from external device download threat. It scan the pendrive, hard drive, etc before the file download. 
AVG 

  • It works for online system where it can scan the threat from online download such as email or other links. 
Note : both avast and AVG are available on subscription basis. 

IT act 2000 

  • To promote good governance in India it was felt that good governance can't become successful unless and until it has e-governance ,therefore in year 2008 information technology act was passed by parliament. After this act a ministery named MOICT (ministry of information and communication technology )was established ,it had three department under it.
  1. Department of post 
  2. Department of telecommunication 
  3. Department of IT
  • In 2015 it was changed into ministry of electronics and information technology and ministry of communication and broadcasting (MOY).
  •  IT act 2000 is the only law or tool that deals with all type of cyber activities such as cyber threat , cybercrime, big data e- commerce ,etc. But it needs an urgent update. 
IT act amendment 2018 

  • In this amendment section 66 clause A was added in it IT act 2000. It says that if any individual or a group harms the image of another individual, group and religion, public figure or historical figure on electronic media in such a way that it harms their image in real life also then it will be considered as a criminal offence ,based on this many arrest were made in India but in 2017 the supreme court guided that in case of any conflicting situation between IT act and fundamental rights  , then fundamental right would be considered as supreme but in cases of war ,emergency, natural disaster and section 144 IT act would be considered as supreme. 
  • Again in 2017 the supreme court declared that the clause A of section 66 is null and void because it violates our fundamental right of right to freedom of speech and expression. 
India cyber security challenges 

  • India being one of the advanced IT based country with a large number of population in digital space but it locks behind many countries in the field of cyber security. Identified challenges of cyber security are :
  1. Digital literacy : India has a large population that are digitally illiterate, to fight the problem of digital literacy government of India has launched the program  national digital literacy mission. The target of this program was to provide digital literacy to more than 6 crore households. Later on the program was renamed as PMGDISHA Pradhan mantri gramin digital saksharta abhiyan. The target of this program was to provide literacy to more than 6 crore household focused in rural areas. 
  2. The cyber security related content are available in English language therefore it creates a language barrier problem for a large number of population in India. The central government has advised the state government to develop the cyber security tool in local languages. Rajasthan government become the first government to launch email id in Hindi. 
  3. There is a very less private sector participation to develop cyber security tools because they do not get profit on their investment. 
  4. India still deals with IT act 2000 for all cyber security related cases but it needs an urgent update.
 National cyber security policy 2013 

  • It aims to make secure and resilience cyber space for citizen ,business and government. 
  • It aims to make India into a secure cyber environment. 
  • It also aims to reduce the vulnerability to cyber attack ,cyber crime etc. 
  • There will be public-private partnership in the fields of cyber security. 
CERTIN - computer emergency response team India 

  • India established CERTIN in 2004. Its purpose was to provide a secure cyber environment to Indian cyber space. it was established under IT act 2000. It also acts as an advisory body to the government of India in the field of outdated cyber law. If any corporate organisation experience any threat then it must inform to CERTIN first. 
NCCC  - National cyber coordination centre 

  • It was established under IT act 2000 ,it works under CERTIN, it is an e-surveillance agency in India that works at the meta-data level that is to find out the thread before it can actually effect ,it also acts as an advisory body  to government of India in case of outdated cyber law. 
Cyber surakshit Bharat (launched by MEITY)

  • The program is aimed at making India a secure cyber environment company , it has been launched as on PPP basis that is public private partnership basis. The participating public companies are CERTIN , NIC (National Informatics centre ) , NASSCOM( National association for software and services companies ) and participating private companies are Wipro ,Microsoft , redhat, Cisco. 
  • The public company provide guideline while private company developed tools based on it.
Hackathon
  • India organised world's largest hackathon in 2016 . Its purpose was to develop open data ecosystem . It was organised online and offline both , offline centres were patna , surat , jaipur , bhubneshwar , hyderabad , chennai and noida.
  • There are themes on which app development and open data development to place these themes are drinking water , samitation , crime , education , health and transport.
Global hackathon of AI
  • Objective is AI for all, it was organised on same pattern as hackathon.
M-kavach
  • Launched by MEITY. It is a mobile device security application that can protect the system from unauthorised data use , wifi use , gallery use , financial transaction application use , etc. It can protect the phone if it is lost or stolen . It can also locate the new number when the sim card is changed and it can also be possible to delete the sensitive data from remote location , but it is only available for android devices.
Digital sky
  • It is a regulation for flying of drones so that it does not interfare with the flying zones of aeroplanes.

Tags:

Post a Comment

0 Comments