India Is A Sitting Duck In Cyber Security Area Warned Visionary Praveen Dalal In 2014

India’s position regarding cyber security and privacy protection has been exposed due to recent negative developments that have severely affected the rights of Indian citizens. It has now become very clear that India is a sitting duck in both the fields of civil liberties protections and cyber security. It has also been well understood by Indian citizens that privacy rights in India is not charity but a constitutional right. As a result it would be next to impossible for the Modi government to fool Indian citizens anymore in this regard.

Cyber security in India is an alien concept for Indian government for long. Even the Modi government is currently not in a position to tackle the cyber security challenges of India with its current approach and policies. Anybody can target India for various forms of cyber attacks and cyber crimes and India has become a land of no resistance for the crackers.

According to Praveen Dalal, managing partner of New Delhi based ICT law firm Perry4Law and CEO of Perry4Law’s Techno Legal Base (PTLB), India is a Sitting Duck in the Cyberspace and Civil Liberties Protection Regime. Malware like Stuxnet, Duqu, Flame, Uroburos/Snake, Blackshades, FinFisher, Gameover Zeus (GOZ), etc cannot be tackled by India due to lack of Offensive and Defensive Cyber Security Capabilities in India. Cyber Security Breaches are increasing World over and India must be “Cyber Prepared” to deal with the same. The Cyber Security Challenges before the Narendra Modi Government are not easy to manage and Indian Cyberspace must be protected on a “Priority Basis”.

Whether it is Congress government or Bharatiya Janata Party (BJP) government, none of them have done anything significant in the directions of ensuring effective cyber security laws and privacy laws in India. For instance, the Modi government has done nothing except summoning of few officials of United States for blatant violation of privacy rights of Indians and invading Indian cyberspace.

According to Dalal “We cannot “Enact Laws” but we can use “Counter Technologies” to prevent Illegal and Unconstitutional E-Surveillance and Eavesdropping. Self Defence and Privacy Protection in India must be ensured by us at our own levels. The initiatives titled PRISM Break and Reset the Net are the “Starting Point” in this regard”. If Modi government fails to safeguard privacy rights in the information era, self defence seems to be the only available option for Indian citizens.

Offensive And Defensive Cyber Security Capabilities Of India Must Be Established

Cyber security in India has always remained an ignored world whether it is Congress or BJP govt. Neither Congress nor BJP has the vision to ensure a safe and robust cyber security in India and till October 2022 the position of Indian cyber security is very bad.

In 2012, Visionary Praveen Dalal suggested many far reaching and reformative cyber security measures but both Congress and BJP failed to act upon them. One of the suggestions of Visionary Praveen Dalal in 2012 was that Offensive And Defensive Cyber Security Capabilities Of India must be developed as soon as possible. However, even in October 2022 that has remained a distant dream.

Even Cyber Warfare against India and its defenses have remained an illusive dream and till October 2022 India is a sitting duck in cyber security field. India has focused upon illegal and unconstitutional e-surveillance instead of strengthening of Rule of Law, Privacy, Civil Liberties in Cyberspace and cyber security. As a result, India is facing tremendous cyber attacks and cyber crimes in the year 2022.

In the year 2014, Visionary Praveen Dalal brought to the attention of Modi Govt the challenges of cyber security but it failed to act upon them even in October 2022. Now Indians are bearing the consequences of the same and cyber crimes, cyber frauds and digital payment related crimes have increased significantly in India. This all is well attitude of Indian govt is not good for the national interests of India and that is why we have ensured a robust and effective cyber crimes reporting system in India.

So bad is the situation that even cyber security breach reporting in India has failed to take off since 2014. Except chasing away cryptocurrencies and VPN service providers from India, this norm has not done anything. MSMEs and small companies in India openly declared that they would not comply with such rules and this forced the govt to further extend the deadline. So one can simply refuse to comply with cyber security related norms and Indian govt cannot do anything in this regard.

To develop robust Offensive and Defensive Cyber Security Capabilities of India, we need a 360 degree view of the cyber security landscape of India says Visionary Praveen Dalal. But what we have is lack of political will, unwillingness of stakeholders to ensure cyber security and lack of cyber law and cyber security skills in India. We at Perry4Law Organisation (P4LO) and PTLB have been working on all these aspects and techno legal online skills development from K12 to lifelong learning stages in one of our priority areas.

For instance, Streami Virtual School is the only school of the world that is teaching cyber law and cyber security to school students. Streami Virtual School is the first virtual school of India and first techno legal virtual school of the world. This is the approach that we need for India but political parties like Congress, BJP, AAP, etc are engaging in rhetoric and drama instead of actually working upon reforming education and ensuring skills development of Indians.

Till we have a capable govt and capable and skilled workforce, ensuring offensive and defensive cyber security capabilities of India is not possible. We at P4LO and PTLB have done our part and now those stakeholders who believe in same cause must do their part.

Modi Government Failed To Address Cyber Security Challenges Despite A Warning In 2014 By Visionary Praveen Dalal

This article was written by Visionary Praveen Dalal in 2014 making PM Modi aware of the dire need to ensure robust and resilient cyber law, cyber security and national security of India. But till September 2022 nothing has been done by Modi govt in this regard. This article has been reposted here with permission so that students of Streami Virtual School can understand and learn about Indian cyber law and cyber security conditions.

As Mr. Narendra Modi is all set to swear to the post of Prime Minister of India he has to face unlimited challenges that have accumulated over a period of time. Thanks to our bureaucratic set up and all pervasive corruption, public reforms have always been kept at bay. There was no dearth of money and skilled people to accomplish the projected targets but still a dominant majority of projects in the last decade have failed to materialise.

Now that Mr. Modi has asked for a brief but accurate report and analysis of the situation, our bureaucrats are sweating and are in high stress. Even if they may somehow justify their non action and national reforms massacre still they would not be in a position to accomplish the mammoth tasks that have yet to be achieved. Decades of corrupt practices, incompetencies and indifference cannot be defeated in few years especially by retaining the same bureaucratic and ministerial structure.

Although there are hundreds of issues of national importance yet I would like to confine myself to a single issue that is closely and intrinsically related to our national security. The issue that I am talking about is the cyber security of India that is in a really bad shape. For decades our bureaucrats and Indian government did not consider cyber security as an essential part of national security policy of India. As a result cyber security has been grossly neglected and this has created a situation of high alert.

Even on the legislation front, India has failed to do the needful. For instance, we need to repeal the laws like Information Technology Act, 2000 (IT Act 2000), Indian Telegraph Act, 1885, etc but for some strange reasons our bureaucrats and Indian government kept them intact. I have been suggesting this recourse for the past five years but till now nothing concrete has happened in this regard. Similarly, crucial laws are absent from Indian statute books. These include law regarding privacy, data protection, telecom security, encryption, cloud computing, etc.

Mr. Modi would be required to not only overhaul his cabinet structure but also cleanse the bureaucratic circles that have been plaguing Indian reforms. Bureaucrats and politicians with clean image, hard working reputation and reforms oriented approach must alone be part and parcel of the Prime Minister’s Office (PMO) that may emerge as a “centralised national reforms point” of India. The approach regarding the proposed PMO is much required as that may be a game changer for India.

The previous PMO of India has already sanctioned a plan to spend 1,000 crore over the next four years to strengthen the cyber security capabilities of India. All Mr. Modi has to do is to make it sure that this may not be another proposal with no actual implementation. It must also be ensured that the allocated money is not only utilised but corrupt practices must also not take place while executing the cyber security project.

Obviously India needs to establish both offensive and defensive cyber security capabilities. This is important to protect the critical infrastructures of India that are dependent upon information technology. A cyber warfare policy of India must also be formulated as Malware like Stuxnet, Duqu, Flame, Uroburos/Snake, Blackshades, FinFisher, etc are far beyond the reach of present cyber security mechanisms. These Malware are stealth in nature and till the time they are discovered the damage is already done.

Skilled workforce is also need of the hour and for this purpose cyber security courses must be introduced at the university level. Online education must be encouraged so that online cyber security courses can be imparted in India.

In short, the cyber security challenges before the Modi Government are institutional, skills driven, time sensitive and urgent in nature. We have already delayed strengthening of our cyber security capabilities and any further delay should not be tolerated by him.

Cyber Security Challenges For The Modi Government As Suggested By Visionary Praveen Dalal In 2014

In May 2014, Praveen Dalal, CEO of Perry4Law Organisation (P4LO), PTLB and PTLITC, warned about poor cyber law and cyber security conditions in India. But till September 2022 nothing has been done by Modi govt in this regard, except empty promises.

Cyber security in India is in a poor condition even in September 2022.  Cyber security of banks in India is also required to be strengthened. The banks operating in India are not at all serious about maintaining cyber security of banking related transactions and this is resulting in many cyber and financial crimes in India. In the absence of appropriate skills development and modernisation of law enforcement agencies of India, police force are finding it really difficult to solve technology related crimes. Further, cyber security of sensitive databases would also require strong privacy protection and cyber security compliance.

Another problematic area is absence of an implementable telecom security policy of India. Most of the policies and regulations in this regard are clearly unconstitutional in nature as they are neither balanced nor in compliance with the constitutional requirements. Experts believe that the stand of Modi government regarding e-surveillance projects like Central Monitoring System (CMS) Project of India and Internet Spy System Network and Traffic Analysis System (NETRA) of India must be made clear. Otherwise, this would create troubles for the government as well as for the telecom security policy in the near future.

In 2014, Visionary Praveen Dalal recommended:

“The cyber security challenges for the Modi government must be given due importance. Cyber security should be an essential component of the national security policy of India. The cyber security trends in India, as provided by Perry4Law Organisation (P4LO) from time to time, have highlighted major shortcomings of Indian cyber security initiatives and the same must be addressed by Modi government as soon as possible. Although National Cyber Security Policy (NSCP) 2013 has been declared yet it needs both updation and implementation.”

“We need dedicated cyber security laws in India and effective cyber security policies. For instance, we have no cyber warfare policy of India and this is a major lacuna in the contemporary times. Similarly, critical infrastructure protection in India is also not up to the mark and it needs to be strengthened. Let us hope that the Modi government would do needful in this regard.”

However, nothing happened since 2014 as political aspirations are more important for Modi govt than national security and national cyber security.

But we at P4LO, PTLB and PTLITC have continued to spread awareness and created dedicated techno legal online portals so that techno legal skills in fields like cyber law, cyber security, cyber forensics, etc can be developed in India. Streami Virtual School is the first virtual school of India and first techno legal virtual school of the world. It is already developing skills of cyber law and cyber security of K12 segment. PTLB and PTLITC are managing cyber law and cyber security skills development initiatives of P4LO from K12 to lifelong learning stages.

Let us hope that Modi govt would wake up now to the dangers of technology usage and do the needful as soon as possible.

Cyber Warfare Against India And Its Defenses As Suggested By Visionary Praveen Dalal In 2012

It was the year 2011 when Visionary Praveen Dalal provided his recommendations to Congress govt regarding cyber warfare policy and development of offensive and defensive cyber warfare capabilities by India. However, both Congress and BJP have failed to act upon cyber security of India till October 2022.

Cyber Warfare is a concept that is well known at both national and international levels. In one form or other and in lesser degree or more, Cyber Warfare has been accepted as a reality in the present Cyber World. However, Cyber Warfare concept still haunts the international community and till now we have no dedicated Legal Framework for Cyber Warfare at international level.

Till Harmonised Cyber Warfare Legal Framework emerges, piecemeal efforts would try to fill the void in this regard. Not very late NATO requested Cyber Security cooperation form India. We should not wait for others to develop our own Cyber Warfare Capabilities in India. In fact, Cyber Warfare Policy of India must be urgently formulated and immediately implemented. The same must be part and parcel of India’s National Cyber Security Policy.

Cyber Security in India needs to be strengthened keeping in mind the growing cases of Cyber Attacks and Cyber Espionage attacks against India. Even Cyber Warfare against India is well known and is not new. Ensuring 100% cyber security is next to impossible. However, we can minimise Cyber Attacks. India has remained indifferent towards Cyber Security for long. This resulted in poor Cyber Security Capabilities and Expertise. It is only now that India has paid attention to this crucial field and it is still not too late.

India should definitely step up/accelerate its efforts to strengthen Cyber Security along with Traditional National Security Capabilities. Internet and Hidden Internet has opened new frontiers and unforeseen challenges before India. Internet is increasingly been used to not only propagate Terrorism propaganda but also to recruit new Terrorists.

To tackle Terrorists’ use of Internet, International Cooperation amongst Governments, Organisations, Internet companies and telcos could be helpful. For the time being, Cyber Criminals/Terrorists are one step ahead of various Governments and International Cooperation activities.

New technologies have also caused problems for India. For instance, Voice-over-Internet Protocol (VOIP) is one of the technical challenges that Law Enforcement and Intelligence Agencies across the world are finding difficult to tackle. However, of late strong Encryption usage has emerged as more troublesome that VOIP. Further, VOIP can be intercepted in certain circumstances.

Developing of Cyber Security Capabilities and Expertise is immediately required in India. There is also an urgent need to develop both Preventive and Offensive Cyber Security Capabilities of India. The sooner it is done the better it would be for the National Security of India.

Cyber Warfare Policy Of India As Suggested By Visionary Praveen Dalal In 2011

Cyber warfare is a complicated techno legal conflict of laws field that has remained unresolved for more than two decades. India lacks preventive and offensive cyber warfare capabilities despite strong recommendations in this regard by Visionary Praveen Dalal in 2011. Both Congress and BJP are responsible for this mess and negligence.

Cyber Warfare is a concept that is not clear yet. Some believe that there is nothing like Cyber Warfare as there is no involvement of traditional military actions. Others believe that Cyber Warfare is a reality of the present time and future wars would be fought in Cyberspace. Whatever the opinion may be but it is clear that Nations have to protect their Critical ICT Infrastructures and Strategic Computers from growing Cyber Attacks.

Cyber Warfare and Cyber Terrorism are issues that cannot be taken lightly by any Country. From these threats emerge the necessity of having a robust Cyber Security for Defense Forces in India. These issues are important as they strike at the very root of the Critical ICT Infrastructure Protection in India. However, India is not doing the needful in this regard. Cyber War Capabilities should be an Integral Part of Indian National Defense and Security.

India needs a sophisticated and robust Technological Command Centre to defend its global network of computer systems. It must develop both offensive and defensive capabilities under one roof. Strategic information and tactical inputs are essential part of modern warfare that can be lost or gained through Cyber War methods. There is no doubt that India needs good Cyber War Capabilities to meet the growing threats of Cyber Warfare.

Malware are posing significant threat to India yet there is no attention towards Cyber Security in India. For instance, we need Express Legal Provisions and Specified Policies to deal with issues like Denial of Service (DOS), Distributed Denial of Services (DDOS), Bots, Botnets, Trojans, Backdoors, Viruses and Worms, Sniffers, SQL Injections, Buffer Overflows Exploits, etc. Till now India has done nothing in this crucial direction and we are still waiting for the Cyber Security Policy and Strategy of India. Obviously, we have no Cyber Warfare Policy of India as well. Even the Cyber Law of India is weak and ineffective and deserves to be repealed.

The biggest hurdle before curbing Cyber Warfare Threats at the International level is Lack of Harmonisation in this regard. Till now we have no “Internationally Acceptable Definition” of Cyber Warfare. Further, we have no Universally Acceptable Cyber Crimes Treaty as well. There is also no International Cyber Security Treaty. India is not a part of any International Treaty or Conventions regarding Cyber Crimes, Cyber Security, etc.

We cannot have a Cyber Terrorism Policy in India till we have a Cyber Crimes Policy in India, Cyber Security Policy in India other similar Policies. Indian Government must urgently work in this crucial direction as it is the most urgent need of the hour.

Cyber Warfare Capabilities Must Be Developed In India Opined Visionary Praveen Dalal In 2011

In this interview from 2011, Visionary Praveen Dalal suggested that cyber warfare capabilities of India must be developed on priority basis. However, neither Congress nor BJP had the vision to do so and even in September 2022 this has not been done.

Cyber warfare is not a new term anymore. Although, its exact definition and scope is not clear yet none can deny the role of information warfare in the near future. Even India has also appreciated its importance. The best part is that this appreciation is coming from none other that the Prime Minister of India Dr. Manmohan Singh.

Dr. Manmohan Singh has issued clear directions to National Security Council (NSC) of India to work in the direction of establishment of cyber command authority (CCA) for India. Dr. Singh has also asked for putting in place an action plan before such an authority is set up. Dr. Singh has also rightly deferred the plan to set up CCA till a thorough review of the cyber threat is done.

However, India lacks proper expertise and training to undertake such an ambitious project and establish such an authority. We have a single techno legal cyber security research, training and education centre in India (CSRTCI). Further, we also have a single techno legal cyber security training and educational centre in India managed by Perry4Law Techno Legal Base (PTLB). Now Centre Of Excellence For Cyber Security Research And Development In India (CECSRDI) is maintaining techno legal cyber security issues of global stakeholders.

According to Praveen Dalal, CEO of Perry4Law Organisation (P4LO) and PTLB and Leading Techno Legal Expert of India, Cyber Warfare Capabilities have assumed tremendous importance these days. The future Cyber Warfare would be even more mysterious, anonymous and dangerous. Further, the Indian Government even need not to spend crores of cash for this purpose if it opts for “Open Source” Software, suggests Praveen Dalal.

So the matter boils down to appropriate cyber security policy and adequate techno legal training. Dr. Manmohan Singh must include as many institutions and individuals as possible so that cyber security of India may become robust and effective.

All Is Well Attitude Towards Cyber Security Of India Would Be Fatal Warns Visionary Praveen Dalal

India is a sitting duck in cyber security field and there is no doubt about that. Whether it is Congress or BJP, no political party paid the required attention to cyber security of India. Even when any govt tried to do so, industry and businesses have successfully pushed back a proactive cyber security system in India.

For instance, MSMEs of India are still not ready to comply with CERT-In’s cybersecurity rules. The India SME Forum wrote a letter to the govt seeking the 25-09-2022 deadline extension. Even if Modi govt does not allow such an extension, there would not be any material difference in this regard as hardly anybody reports cyber security breaches in India in any case.

From banks to directors of Indian companies, nobody takes cyber security breach reporting seriously. Telecom companies are worst affected as they actively harbour cyber criminals and cyber fraudsters who are exploiting their infrastructure without any fear and legal liabilities.

Authorities like Delhi Police are themselves useless as they lack technical capabilities and expertise to handle technology related crimes. Govt portals are just show pieces with no actual utility. You can report something there but no actual action is ever taken by such portals and authorities handling them. RBI Ombudsman is dead and there is no accountability of Indian banks to ensure robust cyber security for banking systems.

Similarly, Indian banks cannot even keep their servers up and running and expecting them to have secure systems is naive. RBI has done just lip service in this regard and online banking and digital payments are insecure in India. Bank customers are without any remedy except the one provided by Online Dispute Resolution (ODR) Portal of Visionary Praveen Dalal. ODR Portal of India is the only portal that is providing techno legal assistance to global stakeholders.

This all is well attitude for cyber security of India has persisted for almost two decades and no political party has the wisdom to bring the required and necessary changes. We have already lost a great deal of money in India to cyber criminals but the real damage is not even reported in media.

Monetary loss is just one aspect and other more dangerous and complicated aspects would be faced by India very soon. This all is well attitude would prove fatal to India in near future warns Visionary Praveen Dalal.

But if you are a serious player and you love India and its interest, contact ODR India Portal for your complete techno legal regulatory and compliance requirements in India and other jurisdictions. We would manage your cyber security, cyber law, digital evidencing, cyber forensic and many more techno legal regulatory and compliance needs.

Perry4Law Organisation (P4LO) and PTLB are managing the exclusive techno legal Centre of Excellence for Digital India Laws and Regulations in India (CEDILRI) since 2016. It is helping ODR India Portal to manage global techno legal regulatory and legal compliance of global stakeholders. Stay on the right side of law and contact ODR India Portal today for your techno legal regulatory and compliance needs.