Cyber crimes in India caused Rs 1.25 lakh crore loss in 2019 and cyber threats will continue to increase as the country starts developing smart cities and rolling out 5G network, among other initiatives, National Cyber Security Coordinator Lt Gen (Dr) Rajesh Pant said. He said that there are only a few Indian companies who are making some of the cyber security products and there is a big vacuum in the sector.
Further, Pant called for setting up a dedicated industry forum for cyber security to develop trusted indigenous solutions to check cyber attacks. “Last year, our official figures were Rs 1.25 lakh crore lost due to cyber crimes in India. Ransomware attacks are increasing everyday and these criminals have been working from home. They have no qualms. They are heartless people. They are attacking hospitals because they know in an emergency hospitals will pay,” Pant said at an event organised by industry body FICCI.
He said that there are a lot of vulnerabilities in devices like mobile phones that people use to access services. “We did an analysis on the attack vector in a mobile phone. We found that it is not only apps but there are 15 different attack vectors from where I can hack into a mobile phone. That includes the operating system, its processors, memory chips, communication interfaces, bluetooth as well as wi-fi,” Pant said.
Besides the app that people download from the authorised store and third party source, he said that most of the bundled apps or the pre-installed apps have been found sending out data. On August 15, Prime Minister Narendra Modi announced that a new cyber security strategy will be presented to the nation as dependence on cyberspace will increase multi-fold in the coming years.
According to Pant, National Cyber Security Strategy (NCSS) is to ensure a safe, secure, trusted, resilient and vibrant cyberspace for India. “It (NCSS) is presently at the highest level waiting for the last level of signatures,” he said. Pant also said that the government under NCSS will push for building a lot of indigenous capabilities, central apex body, legislative framework and cyber security incidence and response teams at the sectoral and state levels.