How can states respond effectively to cyber-attacks originating beyond their own borders? Compare and evaluate the responses of two or three different governments.
The three states that are being compared and evaluated in this research paper are India, USA, Russia
How can the state respond effectively to the cyber-attacks originated beyond their borders
Cyber threats are not only undermining people’s trust on the Internet but also the Government or the formal processes that citizens are dependent upon. From breaching into a computer system to stealing data, the cyber-attacks affect the democratic world, the more vulnerable the system, the more chances of cyber-attacks that jeopardizes the whole society.
If you need assistance with writing your essay, our professional essay writing service is here to help!
Multiple sectors share the responsibilities of cybersecurity such as healthcare, financial markets or election, not all the systems will be immune to cyber attacks as there is no such thing as a “100% secure network/machine”.
India
India’s first official step up towards cybersecurity was in the year 2013, when it introduced, “National Cyber Security Policy.” It also established Computer Emergency Response Team-India(CERT-In). This agency recorded 60,000 incidents in 2014 itself. India’s cybersecurity budget is 140 million dollars; this is even less than 10% of the US cybersecurity budget, which stands at 17.4 billion dollars. Below are the current shortcomings of India’s cybersecurity sector.
No national level architecture: In India, both the public and private sector owns the critical infrastructure, and they follow their norms and protocols in order to protect their infrastructure from cyber-attacks. There are multiple sectors owned by armed forces. Notwithstanding, there is no national security design that brings together the endeavors occurring publicly and privately, which helps to tackle any threat effectively and in a more synchronized manner.
A dearth of skilled and trained human resources: Although India has a decent amount of youth population interested in IT, it lacks in intelligence when it comes to a specific area of IT i.e., Cyber Security.
No cooperativeness: Cyber threat is not just the problem for anyone sector; in fact, every place in the country that uses the computer is vulnerable to cyber-attack any day and in any way. Cyberspace has no limitations; hence, armed forces network, national security architecture, or banks are all vulnerable to cyber-attacks. Attack on any of the above can be at the domestic level or national level with many causalities such as property, money, or lives. We need organizations that are well equipped and ready to collaborate, keeping aside their differences when it comes to national cyber defense. India needs to adapt tactics similar to Israel.
Information gap: There are no such policies or places in India for cybersecurity. Lots of people are not aware of cyber laws and rules on any level. There is only one-way domestic internet users can be safe and saved from cyber-attacks, if they are aware of legal systems, or at least can get help for the same. Given the widespread piracy of OS(operating systems) and software, it is tough to get any real statistical data. Hence, when it came to any nationwide cyberattack, the numbers in terms of affected computers were negligible.
Lack of invariability in fares on internet access:
There are various income groups in India, with a different pay scale, not everyone can afford smartphones. Less than 1% of the population in India has mobile phones with higher security. This gap between the prices in the market is the leading cause of why the technical standards for protecting data cannot be set.
Ref:
(Winder, 2016)
Attacks on India originated from outside its border.
In the era of 2010-2018, China aimed to acquire access to confidential information of the Government of India. There were almost (55 cases for the same) excluding the 2010 attack, a worm named Stuxnet was used to compromise Indian satellites and which resulted in the loss of tv signals at many places. It was a ubiquitous form of cyber attack where the trojan virus is used to infiltrate the victim’s network, and it can easily hide and lay dormant in the system which can cause a doomsday scenario in future.
ADD ONE MORE ATTACK
(Elizabeth Readziszewski, 2019)
India’s restrained response
At first, there was no acute response to the attack, India remained all silent about it. Considering a tough fight for the power amongst other countries, it was expected a counter-threat or equal comeback, but it did not happen.
Later in 2012 in the Munich Security Conference, it was clear that India’s efforts in the cybersecurity sector were not severe enough. To mitigate the crisis, the Government was set on developing a preventive solution aimed at developing indigenous microprocessors and reducing the country’s imports of military software, which have accounted for nearly 70 percent of all such software. In 2012 there was also a proposal to create a command control center for monitoring critical infrastructure and responding to breaches.
These measures were again slower than expected. In 2017 Rahul Tyagi(Cybersecurity expert) said that most of the import in India was done from China, which made India’s security network more vulnerable to cyber-attacks. HOW
A CEO of a private defense company who spoke anonymously in 2018 dubbed the “Make in India” push as “virtually a non-starter.” The country, according to Tyagi, needs more time and money to improve defensive cyber capability and cannot even contemplate using cyber as an offensive weapon.
While India’s treatment of approaching cyber-attacks has been lazy, in the transient, it could be viewed as a sound reaction to threats. Nonindulgence is a practical approach because of the uncertain nature of cyber threats. While the suspect of the attacks is china, the Chinese Government has more than once rejected obligation for the activities. A nation can always deny its connection with hackers as its not similar to weapons which are an area of nations military; in this case, the nation’s focus should continue being alert.
There is a likewise subject of how to react to cyber-attack when a nation needs sound cyber
Security infrastructure that it could? Such a move accompanies staggering expenses. The adversary may see a common reaction as too escalatory to the extent to cyber-attacks and increase the contention significantly more, ending hazardously near a full-scale war. China’s cyberattacks have not done any harm to India or brought any setbacks to legitimize progressively proactive traditional reaction.
Our academic experts are ready and waiting to assist with any writing project you may have. From simple essay plans, through to full dissertations, you can guarantee we have a service perfectly matched to your needs.
Depending on limitation as a methodology turns out to be much challenging when considering the political sector in which the attack happens. Nations that are involved in a long haul enmity and that additionally happen to have other suffering adversaries- the case for India and its other opponent Pakistan-just cannot bear to process most of the emergency circumstances. To oversee assets adequately, they should understand the emergency of threats and manage caution to keep away from escalation. By managing regular attacks from Pakistani attackers over cyberattacks from China, India has perceived the multifaceted nature of risk management.
However, there is an unavoidable risk when the short-span strategy of limitation changes into a long haul approach of holding up and hopping for the best. However, when there is silence for a long time, it can urge the adversary to proceed with more cyber attacks. Furthermore, this can undermine the nation’s security. For instance, the 2009 event where Chinese programmers stole confidential information from the military of India on missile mechanisms is just as Intel on India’s security circumstances in different states. In the case of military clash, such data may be utilized by Chinese military not exclusively to abuse frameworks shortcomings but additionally recognize proper area to attack, and uses that information to attack in country’s most vulnerable moment.
How better can India’s response be
India needs to ramp up its cyber defense. Currently, the budget is ?????. The latest initiative seen from India’s side is its enhancements on the available systems and protocols. India being a developing country, the Government’s priority in terms of funding in cyberspace, is not given much weightage. In order to defend itself from attacks originating beyond its border(for instance attacks from China). Cyber Defence is like a rat race, and one need to be faster and advanced all the time. Sadly, India’s growth in this sector lacks drastically concerning its adversaries. Also, India wants to keep everything close to its chest, i.e., do not want to collaborate much with private sectors nationally or internationally.
The best approach would be a joint venture between south asian countries with respect to cyber security domain. This way, India will be able to share resources with other countries and vic-e-versa. If such a collaboration is possible, it will make small south Asian countries more secure from their respective adversaries. NATO helps its members by maintaining shortcomings of each individual members, ranging from food to financial shortcomings. Similar approach can be used by Multination Cyber Coalition(MNCC) which will comprise of mostly developing South Asian countries. It can have a centralised cyber defence team which can respond to any state which is under cyber attack.
Making such an activity would be equal to reinforcing nations’ prevention by denial technique; basically, it makes it tougher for China to achieve its critical goals of a cyber attack because of its robust defenses. The additional advantage of the worldwide methodology is that it would debilitate China from reacting forcefully to any individual country that joins the activity as if they are to embrace more against all participants can increase their risk and can create some international crisis which can be harmful to China. Besides, the MNCC’S goal would be protective, and each state would separately sick offensive cyber capabilities that will improve prevention by denial while decreasing china’s feasible negative response to what might be defensive rather than an offensive initiative.
Driving the attempt to build up a multination cyber coalition might be India’s most logical option for building up a hearty, long haul cyber protection procedure for the potential advances national security while simultaneously decreasing the likelihood of contention heighting.
Russia
Vulnerability exposed
Russia holds the history of originating cyber-attacks. That does not mean their cybersecurity is robust, which is shocking. In a few recent incidents, Russia has been the victim leaving the citizens and computer systems vulnerable to more attacks. There was some significant impact on Russia in 2017 wannacry attack it infected thousands of networks of Government and private sector, this includes the ministry of interior, whose scope is also to protect from cybercrimes.
Following that, there was another ransomware named NotPetya, which also spread internationally. Different networks like the ones belonging to natural gas giant Rosneft was infected. The causticity of the situation was there were speculations that the attack was originated in Russia itself to target Ukrain on the national holiday constitution day. Instead, they became the victim of the attack that they originated.
In the latest Russia-Us conflict, Russia was again in spotlight for its involvement in 2016 US presidential elections. US cyber command investigated the russian disinformation proliferators. These russian adversaries had the goal to belittle and control “trolls” of Internet Research Agency(IRA) based in St. Petersburg, US. Russians have a long history of rivalry with US. Russia’s cyber offensive tactics can backfire anytime, due to its severity of attack-i.e. targeting critical infrastructures can make Russia’s own critical infrastructure more attack prone.
Issues in Russia that companies must address from a privacy perspective when they suffer a data security incident.
The concern is not the fines, but the amount they set for if someone is caught in the incident is only up to(the US $1000) and nothing more than that. Want a cry affected many computer networks throughout the world, and few of the law firms started giving their expertise in the cybersecurity sector, by giving suggestions for affected computers. After the above talked attack NotPetya, the experts might have lost the trust of the clients.
Purple:- check again.
When in doubt, the Russian Government needs to guarantee that their computer systems in Russia are consistent with the specialized necessities of the Federal Security service of Russia(FSB) and the federal service for technical and Export control of Russia(FSTEC). Ordinarily, it is prudent that the development of Russian IT condition and related IT consistency methods to be executed with the help of the Russian organization spend significant time in IT security(assurance of secret data). An IT security organization can likewise help with the setting up a lot inside documentation; inward information on the technical matter of individual information assurance, a portrayal of the IT security framework and the measures to be taken by the organization to anticipate data-stealing (e.g., risk models, technical reports). They could likewise prompt on which software and hardware should be introduced to guarantee information security. Clearly, at this phase of the advancement of IT innovation it is exceptionally fitting not to depend alone IT assets, yet instead, bring in a re-appropriated supplier of IT security administrations and let experts assemble the organization’s information security firewalls. (Morgan, March 26,2019)
USA
How could have states better responded to the cyber stacks originating from outside their borders
Not only does hacking systems but stealing someone’s personal information like financial details passwords, to the network breaches affect the world, and attacks that affect nation’s processes, the more chances of cyberattacks increases the more risk will increase on society, not just online but the physical world too. Cyber attacks will undermine trust on the Internet as well as the administrative procedure residents rely upon.
In this situation, we cannot rely on only the Government or private sector to manage the extension and size of cyber-attacks alone. Because the Internet is interconnected, lone activities by stakeholders, being decisive, will have little impact on the mitigation of cyber threats. Making the system versatile in handling the cyberattacks will only happen by sharing the data, considerate thinking, and joint efforts amongst stake partners.
How partners manage to future cyberattacks could change the Internet from an open and communitarian internet to divided, closed, however, but a ”secure” network condition would be obtained. A significant change to engineering and basic standards of the Internet could convey the tragic fate of secure walled gardens, shifted access and complete client permeability(no encryption secrecy or protection)
If that is the case, the interest of national security will dominate opportunities and rights. Whatever occurs, we expect a fight amongst national security interest and end-user safety interests(for instance encryption) to proceed
There is a option in contrast to dystopian vision of secured systems. Whenever there are cyber threats stake holders respond systematically with composed response to cyber crime, participation on cyber crime, meeting multistakeholder stages to more readily work together on national cybersecurity systems and guaranteeing regard for human rights, at that point cyber threats can be better overseen and relieved, and trust can reeastablish.
Technical advances may also result from the threat and impact of cyberattacks and cybercrime. For instance, past advances in encryption technologies have given users more secure devices and services that let them perform sensitive activities online. As one technologist noted, “the negative trend is the increase in cybercriminal activity. The positive trend is our ability to build more kinds of devices and protocols that will make it harder”.
References
- Cooper, h. (2018). WannaCry: Lessons Learned 1 Year Later. Symantec Blogs.
- (n.d.). Cybersecurity in India Opportunities for dutch companies. Netherlands business support office Hyderabad, India.
- Elizabeth Readziszewski, B. H. (2019). India’s response to china’s cyber attacks. The Diplomat.
- EY. (2017). “WannaCry” ransomware attack. EY.
- Morgan, N. (March 26,2019). Global Risk Insights.
- secrieru, N. P. (2018). Edited by : Hacks, leaks and disruptions russian cyber strategies. Chailot papers.
- Today, I. (2017). Wanna Cry ransomware cyber attack:104 countries hit, India among worst affected,US NSA attracts critism.
- Winder, D. (2016). The future of conflict is in cyberspace. Raconteur.