India faces a significant cybersecurity threat due to reliance on foreign vendors, particularly from China, which may jeopardize national security as global cybercrime losses escalate. The document outlines the increasing frequency of cyberattacks in India and emphasizes the necessity for self-reliance in cybersecurity infrastructure, including developing indigenous software and hardware. Proposed solutions include stringent security audits, certified decision-makers, and heightened public awareness to combat these threats effectively.

1. India's Critical Cyber Control in Foreign Hands - Biggest Threat to Research,
Economy & Cyber Security
Reports confirm that cybercrime is on the rise. Global cybercrime losses have crossed $US388 billion last
year - more than the money lost to drug mafia. In India too, we are not averse to it. It impacts our daily
lives too… and we see that the cases pertaining to cybercrimes are on the rise exponentially. Recently
India has witnessed many Cyber Attacks on its Web Presence. More than 14,000 Government websites
alone were attacked in the past one year.
The budgetary allocation towards strengthening our Cyber Security Infrastructure or the thrust from the
policy makers isn’t quite in sync with the Vision and Mission statements of our premier research body of
CERT-In. Before jumping to any hasty and biased conclusions, let's try and understand the basic
terminology and the finer nuances of its shortcomings.
What is Cyber Security? Cyber Security ensures the attainment and maintenance of the Security
apparatus & assets (of an organization, individual or even a Government) against security risks in the
Cyber Environment.
What is Cyber Environment or Cyber Space? It is a pool of all electronic devices which may or may not
be connected to any network and/or Internet for any of the purposes of communication, transmission
and storage.
What is Cyber Terrorism? it may be defined as the use of computers as weapons, or as targets, by
politically motivated International, or sub-national Groups, or clandestine agents who threaten or cause
violence and fear in order to influence an Audience, or cause a government to change its policies. In
case these targeted attacks are sponsored by a Government from one country to attack the
Government’s cyber resources in another country it turns into an act of Cyber War.
Cyber Space or Cyber Environment consists of:
1. Hardware or Cyber Security Hardware
2. Software or Cyber Security Software
3. Anti Virus, Anti Malware, Anti Spyware & so many other such software
4. Intrusion Detection, Prevention & Monitoring Systems
5. Network Environment
6. Operating Systems
Who controls all this in India? I am sure everyone knows where the control lies… Who or which Cyber
Security department in India can prove and certify whether the vendors supplying these
services/products to India are not carrying on any clandestine spying activities or haven’t purportedly
left back doors to exploit when the need arises?
Cyber Security implementation via Foreign Hands or banned vendors:
Cyber War is already on. Reports from just last week, suggest Chinese Military sponsored teams have
hacked into several big American Corporations to sabotage its resources. Where do you think India
stand in such an eventuality? Or Are we even aware? Is India really Cyber Safe?
India's Network Infrastructure, Monitoring & Safeguarding the Cyber Attacks on our servers, Nuclear
Center Networks Management, Cyber Security of Research Centers, WiFi-enabled Trains, Metro Trains
and many more critical projects fall in foreign hands especially those with the Chinese vendors that are
www.eCoreTechnoS.com

2. banned in the most secure Cyber Nation, the United States of America. Some of these vendors have
been blacklisted for its known nefarious designs, and yet we often see those winning critical projects
with aplomb.
India's key decision makers need to be certified and well aware of the Cyber World Technologies. India is
implementing Cyber Security solutions on the basis of what suppliers are thrusting on them. It is not as
per the needs to ensure we are safe from both EXTERNAL & INTERNAL THREATS. The Government is
trying to safeguard us from EXTERNAL THREATS OF CYBER ATTACKS by working with the Foreign
Vendors & indirectly giving them the keys to do sophisticated INTERNAL CYBER ATTACKS. It indeed is an
alarming situation.
"There's a strong likelihood that the next Pearl Harbor that we confront could very well be a cyber
attack," said Leon Panetta, the Secretary of Defense and former director of the CIA in the US.
It scales the physical boundaries of a region and in-fact a nation too. The impact it can have can only be
ascertained from the fact that a Nation’s complete Power, Nuclear, Military, Transport and/or Financial
infrastructure, most complex systems are largely controlled by computers today. If hostile elements gain
control of these decidedly civilian establishments, they can wreck havoc.
Food for Thought - Let's not forget August 2012, North India Power Outage & the resulting Economic
Loss… Though it was not a case of Cyber Sabotage but this could well soon turn into a reality.
Solutions Proposed:
India must develop its own Operating Systems, Hardware, Software and Cyber Security
paraphernalia to be used at National Level especially for the mission critical sectors. Till the time
it is developed we need to resort to the following
1. Hardware imported should have blue print to ensure there are no inbuilt backdoors in
hardware. Software imported must have access to source code for security testing to make sure
no inbuilt backdoors are left in the software.
2. Security Quality policies streamlined, proper checks and balances put in place to ensure the
National Security is not compromised at any cost.
3. Mandatory Security Audit Compliance for every Government Department. Relevant Security
Audits put in put in place and appropriately scheduled.
4. Cyber Security decision makers are certified & made responsible for any act of mischief or losses
owing to Cyber Security ignorance.
5. Creating and Promoting Open Cyber Security Professionals groups/forums that are transparent
and open to any discussions/suggestions & recommendations.
6. Appropriate budgetary allocation and a concerted thrust to actually promote Cyber Security
Research and to implement our own Cyber Security Solutions.
7. Most importantly spread Cyber Security Awareness through all Media Channels as it is the key
to ensure the community stays safe. As an old adage goes “ You are as strong as your Weakest Link”
and here the weakest link is “us”.
This is to remind all that being safe and Cyber Secure online is a shared responsibility. Emerging
Cyber Threats require engagement from the entire Indian community—from government and
law enforcement to the private sector and most importantly, members of the public – to create a
Cyber Safe community. We at eCore as a part of our Corporate Social Responsibility are
spreading awareness; we encourage the community to ACT – Achieve Cyber-security Together
– reflecting the interconnectedness of the modern world and the responsibility each of us share in
securing our Cyber-Space.
Ravdeep Sodhi, Cyber Security Researcher, eCore Techno Solutions Pvt Ltd
www.eCoreTechnoS.com