With the ICT revolution in its mature stage, demand, need and necessity of computers, laptops and smartphones have brought a revolutionary change in our lives. In the modern age, it is almost unthinkable for any individual to exist without the aid of modern-day gadgets and the internet. The total number of internet users in India is pegged at 243 million by June 2014, which happens to be about 20 per cent of the total population. This is likely to grow further.
China is now home to over 618 million Internet users, 80% of whom access the web via smartphones. It is 46% of the total population of that country. In the US, the number of internet users is pegged at 270 million, which is reported to be 84% of the total population. In the modern-day world, it has become imperative to use the internet and other related ICT technologies. Most government organisations like public sector units, universities etc and private agencies like banks, power companies, public utilities etc use the internet for their day to day functioning.
In the light of the above, experts have not counted the cost of shut down of internet in a particular country. A nation may need to shut down the internet in case of war, external aggression, internal insurgency, or offensive propaganda by the enemy which may not be countered by blocking the websites. If Indian government is forced to shut down internet even for a week, life in the country will come to a standstill and in countries like the US, it will come to a grinding halt. It can cause huge economic losses running into billions of dollars. Therefore arises the need to secure the internet and its resources and have an offensive and defensive cyber security policy for the country.
A defensive cyber security policy should aim at securing sensitive government and confidential communication, privacy of users, securing national assets dependent on the web, and firewalling against anti-social elements and state sponsored terror groups. Government, private corporations and public utilities are made hacking proof. The country’s cyber assets should be made to survive a declared and non-declared enemy offensive.
For a defensive cyber security policy, certain basic steps are required along with some major steps. Cyber security awareness among users, control panel of websites in safe and trusted hands, buying hardwares and softwares from trusted firms to prevent bugging, cyber security plans in all departments and separate cyber security cells and not connecting the computers having sensitive information to internet and pan drives are some of the basic steps that agencies must take. If we can secure our resources and keep them in operational condition during an emergency, half the battle is won.
We need to have a cyber offensive plan also to punish the enemy in case of any threat as it will also act as a deterrent to some degree. The target of attack should be communication centres, satellite control rooms, government and public utility websites, financial services, infrastructure grid like power grid, intelligence headquarters and, if possible, rail and air traffic control is also jeopardised. This, if successful, can lead to chaos in the enemy nation. And the battle will be won without firing a bullet. We also need to have a special cyber security warfare cell consisting of trained personnel. Such capacities cannot be created in a short span of time. It will require years of spadework. Let us put things in place.
The writer is a free lance journalist and Chief Executive Officer at Maa Saraswati Institute of Engineering and Technology.