The National Power Corporation of India Limited(NPCIL) has confirmed the presence of malware in the internal computer system at the Koodankulam Nuclear Power Plant(KKNPP). Though the infected computer has been reportedly removed from the network, this has raised several questions regarding India's preparedness to deal with cyber attacks.
The cyber attack on the nuclear plant had come to the fore last month but the NPCIL had been on denial mode. Senior bureaucrats in the Department of Atomic Energy and the Computer Emergency Response Team(CERT-India) had since then taken a serious note of the issue. The acceptance of the cyber attack on the KKNPP, which boasts of being the biggest nuclear power plant in the country, leads to much larger issue of India's readiness to become a digital economy.
Experts point at the lack of awareness about the threats and low level of digital literacy among average Indian user as responsible factors behind such high threat perception. Absence of standard operating procedure on the event of a cyber attacks makes many firms and even government organisations at risk. State Police forces, barring a few exceptions like Kerala, are ill equipped to investigate cyber crimes. All these factors leave individuals and systems in India at risk.
Just last month, the Reserve Bank of India had issued warnings to all banks operating from India regarding loopholes in their data security aparatus. The warnings were following the findings by the Singapore based cyber security firm Group-IB that details of 1.1 million Indian debit cards were available online. Several dozens of instances of malware attacks on financial firms were reported since 2016, when the Government of India started actively promoting online payments and cashless transactions post the demonetisation.
The Government is in the final stage of formulating a national cyber security policy for 2020. The policy reportedly has six focus areas one of which is data security. The Srikrishna Committee had in 2017 recommended a data protection law to be enacted in India to deal with cyber threats. Attempts to such a legislation has hit a roadblock due to lack of consensus among the Government and the digital companies. The Parliamentary Standing Committee on Information Technology had recently summoned top officials of the WatsApp India to testify in a spyware
The cyber attack on the nuclear plant had come to the fore last month but the NPCIL had been on denial mode. Senior bureaucrats in the Department of Atomic Energy and the Computer Emergency Response Team(CERT-India) had since then taken a serious note of the issue. The acceptance of the cyber attack on the KKNPP, which boasts of being the biggest nuclear power plant in the country, leads to much larger issue of India's readiness to become a digital economy.
Experts point at the lack of awareness about the threats and low level of digital literacy among average Indian user as responsible factors behind such high threat perception. Absence of standard operating procedure on the event of a cyber attacks makes many firms and even government organisations at risk. State Police forces, barring a few exceptions like Kerala, are ill equipped to investigate cyber crimes. All these factors leave individuals and systems in India at risk.
Just last month, the Reserve Bank of India had issued warnings to all banks operating from India regarding loopholes in their data security aparatus. The warnings were following the findings by the Singapore based cyber security firm Group-IB that details of 1.1 million Indian debit cards were available online. Several dozens of instances of malware attacks on financial firms were reported since 2016, when the Government of India started actively promoting online payments and cashless transactions post the demonetisation.
The Government is in the final stage of formulating a national cyber security policy for 2020. The policy reportedly has six focus areas one of which is data security. The Srikrishna Committee had in 2017 recommended a data protection law to be enacted in India to deal with cyber threats. Attempts to such a legislation has hit a roadblock due to lack of consensus among the Government and the digital companies. The Parliamentary Standing Committee on Information Technology had recently summoned top officials of the WatsApp India to testify in a spyware
No comments:
Post a Comment