India’s First Joint Doctrine for Cyberspace Operation

Syllabus: Internal Security:

Source: TH

Context: India’s Chief of Defence Staff, General Anil Chauhan, has released the country’s first joint doctrine for cyberspace operations.

What is Cyberspace?

In military terms, cyberspace refers to the domain where operations involving computers, networks, and electronic systems occur. It encompasses activities such as cyber warfare, cyber defence, and information operations conducted by military forces in both offensive and defensive capacities.

What is Doctrine for Cyberspace Operation?

A doctrine for cyberspace operations is a set of principles, guidelines, and strategies developed by military organizations to govern their activities in the cyberspace domain. It outlines how military forces should plan, execute, and manage operations involving computers, networks, and electronic systems.

Significance:

It promotes jointness and integration among the three services (Army, Navy, and Air Force) and aligns with national security strategies. This integration facilitates the development of goals, methods, and resources to influence events across all operational domains and forms of power.

Comparison with China:

China has developed significant capabilities in cyberwarfare, including cyberweapons designed to disrupt or incapacitate an adversary’s military assets and strategic networks. In contrast, India has been slow to develop similar capabilities, approving only the creation of a limited tri-service Defence Cyber Agency in 2019, instead of the fully-fledged Cyber Command requested by the armed forces.

What are the current threats to cyber security?

• Outdated protocols: Current protocols to warn against cyber threats are outdated in India. This means that quantum cyberattacks can potentially breach any hardened target.

• Threat to digital infrastructure: China’s quantum advances expand the spectre of quantum cyberattacks against India’s digital infrastructure, which already faces a barrage of attacks from Chinese state-sponsored hackers.

• India’s dependence on foreign, particularly Chinese hardware, is an additional vulnerability.

Countermeasures taken by India against cyber threats.

• For Critical information infrastructure (CII)- Creation of the National Critical Information Infrastructure Protection Centre, the national nodal agency in respect of CII protection. It was envisaged to act as a 24×7 centre to battle cyber security threats in strategic areas such as air control, nuclear and space.

• Establishment of Defence Information Assurance and Research Agencyfor cyber security issues of the tri-services and Defence Ministry.

• The Army has collaborated with industry and academia to build secure communications and cryptography applications.

• In February 2022, a joint team of the DRDO and IIT-Delhi successfully demonstrated a QKD (Quantum Key Distribution) link between two cities in UP — Prayagraj and Vindhyachal.

• For the Financial sector – CERT-Fin will work closely with all financial-sector regulators and stakeholders on issues of cyber security.

• Establishment of cyber security infrastructure

• CERT-in – The main function of CERT-In is to provide early security warning and effective incident response. It is also a national agency to collects, analyzes and disseminates information on cyber incidents and takes emergency measures for handling cyber-attacks.

• IT Act 2000– This act provides a legal framework against cybercrimes related to “electronic commerce”.

• National Cyber Security Policy 2013has been framed to create a secure cyber ecosystem, ensure compliance with global security systems and strengthen the regulatory framework.

Others

• I4C (Indian Cyber Crime Coordination Center)was set up in 2016 to look into every kind of cybercrime.

• The Indian Common Criteria Certification Scheme (IC3S) isto evaluate and certify IT Security Products and Protection Profiles.

• Cyber Swachhta Kendra was introduced for internet users to clean their computers and devices by wiping out viruses and malware.

• Cyber Surakshit Bharat Initiativewas launched to spread awareness about cybercrime and build capacity for safety measures for Chief Information Security Officers (CISOs) and frontline IT staff across all government departments.

Global Effort: Bletchley Declaration:

The Bletchley Declaration, named after the historic code-breaking site, signifies a global commitment to addressing AI’s ethical and security challenges, particularly generative AI. Signed at the AI Safety Summit (in 2023), it highlights the increasing global recognition of AI risks and involves major world powers like China, the EU, India, and the US.

Way forward:

Cyber Wargames for Risk Assessments:

• Test response to cyber warfare scenarios.

• Expose defence gaps.

• Improve cooperation.

Layered Defense Approach:

• Secure cyber ecosystem.

• Raise cybersecurity awareness.

• Promote open standards.

• Implement a national cybersecurity framework.

• Collaborate with the private sector.

Securing Private Sector:

• Establish network obstacles.

• Utilize web application firewalls (WAF).

• Respond quickly to breaches.

• Foster public-private cooperation.

• Engage local hackers for defence.

Insta Links:

• Cybersecurity Challenges in India

Mains Link:

Keeping in view India’s internal security, analyse the impact of cross-border cyber-attacks. Also, discuss defensive measures against these sophisticated attacks. (UPSC 2021)

Prelims Link:

With the present state of development, Artificial Intelligence can effectively do which of the following? (UPSC 2020)

• Bring down electricity consumption in industrial units

• Create meaningful short stories and songs

• Disease diagnosis

• Text-to-Speech Conversion

• Wireless transmission of electrical energy

Select the correct answer using the code given below:

(a) 1, 2, 3 and 5 only (b) 1, 3 and 4 only (c) 2, 4 and 5 only (d) 1, 2, 3, 4 and 5

Ans: B