Bharat National Cyber Security Exercise, 2024 - Harmonising Efforts in the Indian Cybersecurity Space
Sharisha Sahay
Research Analyst - Policy & Advocacy, CyberPeace
PUBLISHED ON
Dec 5, 2024
10
Introduction:
The National Security Council Secretariat, in strategic partnership with the Rashtriya Raksha University, Gujarat, conducted a 12-day Bharat National Cyber Security Exercise in 2024 (from 18th November to 29th November). This exercise included landmark events such as a CISO (Chief Information Security Officers) Conclave and a Cyber Security Start-up exhibition, which were inaugurated on 27 November 2024. Other key features of the exercise include cyber defense training, live-fire simulations, and strategic decision-making simulations. The aim of the exercise was to equip senior government officials and personnel in critical sector organisations with skills to deal with cybersecurity issues. The event also consisted of speeches, panel discussions, and initiatives such as the release of the National Cyber Reference Framework (NCRF)- which provides a structured approach to cyber governance, and the launch of the National Cyber Range(NCR) 1.0., a cutting-edge facility for cyber security research training.
The Deputy National Security Advisor, Shri T.V. Ravichandran (IPS) reiterated, through his speech, the importance of the inclusion of technology in challenges with respect to cyber security and shaping India’s cyber strategy in a manner that is proactive. The CISOs of both government and private entities were encouraged to take up multidimensional efforts which included technological upkeep but also soft skills for awareness.
CyberPeace Outlook
The Bharat National Cybersecurity Exercise (Bharat NCX) 2024 underscores India’s commitment to a comprehensive and inclusive approach to strengthening its cybersecurity ecosystem. By fostering collaboration between startups, government bodies, and private organizations, the initiative facilitates dialogue among CISOs and promotes a unified strategy toward cyber resilience. Platforms like Bharat NCX encourage exploration in the Indian entrepreneurial space, enabling startups to innovate and contribute to critical domains like cybersecurity. Developments such as IIT Indore’s intelligent receivers (useful for both telecommunications and military operations) and the Bangalore Metro Rail Corporation Limited’s plans to establish a dedicated Security Operations Centre (SOC) to counter cyber threats are prime examples of technological strides fostering national cyber resilience.
Cybersecurity cannot be understood in isolation: it is an integral aspect of national security, impacting the broader digital infrastructure supporting Digital India initiatives. The exercise emphasises skills training, creating a workforce adept in cyber hygiene, incident response, and resilience-building techniques. Such efforts bolster proficiency across sectors, aligning with the government’s Atmanirbhar Bharat vision. By integrating cybersecurity into workplace technologies and fostering a culture of awareness, Bharat NCX 2024 is a platform that encourages innovation and is a testament to the government’s resolve to fortify India’s digital landscape against evolving threats.
Ransomware is one of the serious cyber threats as it causes consequences such as financial losses, data loss, and reputation damage. Recently in 2023, a new ransomware called Akira ransomware emerged or surfaced. It has targeted and affected various enterprises or industries, such as BSFI, Construction, Education, Healthcare, Manufacturing, real estate and consulting, primarily based in the United States. Akira ransomware has targeted industries by exploiting the double-extortion technique by exfiltrating and encrypting sensitive data and imposing the threat on victims to leak or sell the data on the dark web if the ransom is not paid. The Akira ransomware gang has extorted a ransom ranging from $200,000 to millions of dollars.
Uncovering the Akira Ransomware operations and their targets
Akira ransomware gang has gained unauthorised access to computer systems by using sophisticated encryption algorithms to encrypt the Data. When such an encryption process is completed, the affected device or network will not be able to access its files or use its data.
The affected files by Akira ransomware showed the extension named “.akira”, and the file’s icon shows blank white pages. The Akira ransomware has developed a data leak site so as to extort victims. And it has also used the ransom note named “akira_readme.txt”.
Akira ransomware steeled the corporate data of various organisations, which the Akira ransomware gang used as leverage while threatening the affected organisation with high ransom demands. Akira Ransomware gang threaten the victims to leak their sensitive data or corporate data in the public domain if the demanded ransom amount is not paid. Akira ransomware gang has leaked the data of four organisations and the size ranges from 5.9GB to 259 GB of data leakage.
Akira Ransomware gang communicating with Victims
The Akira ransomware has provided a unique negotiation password to each victim to initiate communication. Where the ransomware gang deployed a chat system for the purpose of negotiation and demanding ransom from the affected organisations. They have deployed a ransom note as akira_readme.txt so as to provide information as to how they have affected the victim’s files or data along with links to the Akira data leak site and negotiation site.
How Akira Ransomware is different from Pegasus Spyware
Pegasus, developed in the year 2011, belongs to one of the most powerful family of spyware. Once it has infected, it can spear your phone and your text messages or emails. It has the ability to turn your phone into a surveillance device, from copying your messages to harvesting your photos and recording calls. In fact, it has the ability to record you through your phone camera or record your conversation by using your microphone, it also has the ability to track your pinpoint location. In contrast, newly Akira ransomware affects encrypting your files and preventing access to your Data and then asking for ransom n the pretext of leaking your data or for decryption.
How to recover from malware attacks
If affected by such type of malware attack, you can use anti-malware tools such as SpyHunter 5 or Malwarebytes to scan your system. These are the security software which can scan your system and remove suspicious malware files and entries. If you are unable to perform the scan or antivirus in normal mode due to malware in your system, you can use it in Safe Mode. And try to find a relevant decryptor which can help you to recover your files. Do not fall into a ransomware gang’s trap because there is no guarantee that they will help you to recover or will not leak your data after paying the ransom amount.
Best practices to be safe from such ransomware attacks
You must ensure that your database is regularly backed up and it is backed up offsite or in a separate network.
Make sure that you use anti-virus and internet security applications on all your connected devices such as PCs, laptops and mobile etc.
In your connected devices make sure to enable the automatic software updation feature as turned on.
Regularly monitor your devices and system logs for security check-ups and for detecting any suspicious activity.
Ignore the links or attachments of suspicious emails which are from an unknown sender to your organisation. Make sure to verify the sender’s details before entertaining such emails.
Conclusion
The Akira ransomware operation poses serious threats to various organisations worldwide. There is a high need to employ robust cybersecurity measures to safeguard networks and sensitive data. Organisations must ensure to keep their software system updated and backed up to a secure network on a regular basis. Paying the ransom is illegal mean instead you should report the incident to law enforcement agencies and can consult with cybersecurity professionals for the recovery method.
The judiciary as an institution has always been kept on a pedestal and is often seen as the embodiment of justice. From Dictatorship to Democracy, the judiciary plays a central role; even where the judiciary is controlled, the legitimacy of the policies, in one sense or another, is derived from it. In democracies around the world, the independence and well-being of the judiciary are seen as the barometer of democracy’s strength. In this global age, where technology is omnipresent, it seems the judiciary is no exception. Now more than ever, when the judiciary is at the centre of evaluative focus, it becomes imperative to make the judiciary transparent. Digitisation of the judiciary is not just an administrative reform; it is an extension of constitutionalism into the technological realm, an effort to ensure that justice is accessible, transparent, and efficient. On July 25, which is the International Day on Judicial Well-being, is commemorated every year with a clear message that judicial well-being supports “anti-corruption, access to justice, and sustainable peace.”
Digitisation by Design: Justice in the Age of Transformation
The Prime Minister of India envisioned the future of the Indian legal system in alignment with the digitised world, as when he said, “Technology will integrate police, forensics, jails, and courts, and will speed up their work as well. We are moving towards a justice system that will be fully future-ready,” he said, almost predicting the future. Although there are many challenges in the face of this future, there are various initiatives that ease the transition. To clarify, India is streamlining operations, reducing delays, and enhancing access to justice for all by integrating AI into legal research, case management, judicial procedures, and law enforcement. Machine Learning (ML), Natural Language Processing (NLP), Optical Character Recognition (OCR), and predictive analytics are just a few of the AI-powered technologies that are currently being used to increase crime prevention, automate administrative duties, and improve case monitoring.
The digitisation of Indian courts is a structural necessity rather than just a question of contemporary convenience. Miscarriages of justice have frequently resulted from the growing backlog of cases, challenges with maintaining records, and the loss of physical files. In the seminal case of State of U.P. v. Abhay Raj Singh, the courts acknowledged that a conviction could be overturned by missing records alone. With millions of legal documents at risk, digitisation becomes a shield against such a collapse and a tool for preserving judicial memory.
Judicial Digitalisation in India: Institutional Initiatives and Infrastructural Advancements
For centuries, towering bundles of courtroom files stood as dusty monuments to knowledge, sacred, chaotic, and accessible to a select few. But as we now stand in 2025, the physical boundaries of a traditional courtroom have blurred, and the Indian government is actively working towards transforming the legal system. The e-Courts Mission Mode Project is a flagship initiative that aims to utilise Information and Communication Technology (ICT) to modernise and advance the Indian judiciary. This groundbreaking effort, led by the Department of Justice, Government of India, is being carried out in close coordination with the Supreme Court of India’s e-Committee. As a news report suggests, the Supreme Court (SC) held 7.5 lakh hearings through video conferencing between 2020 and 2024, as stated by the Ministry of Law and Justice, responding to a query in the Rajya Sabha on Thursday. Technological tools such as the Supreme Court Vidhik Anuvaad Software (SUVAS), the Case Information Software (CIS), and the Supreme Court Portal for Assistance in Court’s Efficiency (SUPACE) were established to make all pertinent case facts easily available. In another move, the Registry, SC, in close coordination with IIT, Madras, has created and implemented AI and ML-based technologies that are integrated with the Registry’s electronic filing software. This serves as a statement to the fact that cybersecurity and digital infrastructure are no longer administrative add-ons but essential building blocks for ensuring judicial transparency, efficiency, and resilience.
E-Governance and Integrity: The Judiciary in Transition
The United Nations recognises the fundamentals of the judiciary’s well-being and how corruption acts like water to the rust and taints the integrity of not a single judge in general but creates a perception of the whole institution. This threat of corruption is recognised by the United Nations Convention against Corruption (UNCAC), particularly Article 11, which urges the protection of the judiciary’s independence and integrity. Digitisation, while it cannot operate in a vacuum, acts as a structural antidote to corruption by embedding transparency into the fabric of justice delivery as automated registry systems, e-filing, and real-time access to case data drastically reduce discretionary power and the potential for behind-the-scenes manipulation. However, digital systems are only as ethical as the people who design, maintain, and oversee them, bringing their own limitations.
Conclusion: CyberPeace and the Future of Ethical Digital Justice
The potential of digitalisation resides not just in efficiency but also in equity, as India’s judiciary balances tradition and change. A robust democracy, where justice is lit by code rather than hidden under files, is built on a foundation of an open, accessible, and technologically advanced court. This change is not risk-free, though. Secure justice must also be a component of digital justice. The very values that digitisation seeks to preserve are at risk from algorithmic opacity, data breaches, and insecure technologies.
Our vision is not just of a digitalised court system but of a digitally just society, one where judicial data is protected, legal processes are democratised, and innovation upholds constitutionalism. Therefore, as a step forward, CyberPeace resolves to support AI upskilling for legal professionals, advocate for secure-by-design court infrastructure, and facilitate dialogue between technologists and judicial actors to build trust in the digital justice ecosystem. CyberPeace is dedicated to cyber transparency, privacy protection, and ethical AI.
Online Gaming has gained popularity over the past few years, attracting young players worldwide and global concerns. In response to the growing fame of this industry, the Indian government has recently announced introducing a set of regulations to address various concerns and ensure a safer and more regulated online gaming environment. In this blog post, we will explore the critical aspects of these regulations and their impact on the gaming industry.
Why are Regulations needed?
Recently some games faced a ban in India – games that involve betting, games that can be harmful to the user, and games that involve a factor of addiction. Furthermore, with rising popularity, With the exponential rise of online gaming platforms in India, extensive laws to safeguard players and ensure fair gameplay needs to be implemented. Players’ protection is one of the critical factors addressing the issues which involve online addiction, underage involvement, fraud, and data privacy has become critical for the well-being of Indian gamers.
Regulatory Ambiguity: The previous legislative structure, such as the outmoded Public Gambling Act of 1867, required an update to fit the digital gambling age fully.
Outline of the New Regulations
Implementing new regulations for online gaming in India represents the government’s commitment to addressing different issues and ensuring a safer and more regulated gaming sector. Let’s have a look at these rules in detail:
National-Level Standards: The Indian government is currently working on creating national-level standards to standardise online gaming practices across all states. These rules attempt to create a uniform platform for both operators and participants. The government has also made an announcement to set SRO within 90 days to regulate online gaming.
Licencing and Compliance: To legally operate in the Indian market, online gaming firms must secure licences. The operator’s financial soundness, security measures, and adherence to responsible gaming practices will be scrutinised throughout the licencing process. Operators will need to comply with the regulations in order to maintain operations.
Measures to Promote Ethical Gaming: The new regulations emphasise player protection and ethical gaming practices. This includes steps like age verification to prevent underage involvement, self-exclusion choices for gamers who want to limit their gaming activities, and adopting tools like session limits and reality checks to promote responsible gaming.
Data Privacy: Recognising the importance of data privacy, the laws are intended to contain protections for protecting user data. To safeguard sensitive player information from unauthorised access or exploitation, online gambling operators must comply with data protection regulations and deploy strong security measures.
Restrictions on Advertising and Marketing: The legislation may limit the advertising and marketing of online gaming platforms. The emphasis will be on eliminating aggressive marketing tactics that target vulnerable people, such as kids. Stricter standards for ad content and placement may be implemented.
Anti-Fraud and Anti-Money Laundering Measures: To combat criminal activity within the gaming ecosystem, the new legislation will almost certainly force online gambling companies to employ anti-fraud and anti-money laundering measures. Operators may need to set up mechanisms to detect fraud, report suspicious activity, and work with law enforcement.
Consumer Grievance Redressal: The legislation may emphasise the construction of efficient channels for resolving consumer complaints. Players should be able to report difficulties, seek resolution, and offer feedback on their play experiences through channels. The objective is to create a transparent and accountable conflict resolution mechanism.
Impact on Online Gaming Ecosystem
Adopting new laws for online gambling in India will likely have several consequences for the gaming industry. Let us look at some of these consequences:
Increased Player Trust: Implementing restrictions will increase player confidence in online gaming platforms. Establishing clear rules and procedures and steps to safeguard participants’ interests will develop a sense of trust and transparency. This can lead to increased participation and engagement in the gaming community.
Industry Consolidation: Stricter restrictions may result in industry consolidation. Compliance with the new legislation would need resources and investments, which might favour more prominent and more established gambling firms. Smaller and more non-compliant operators may find it challenging to fulfil regulatory standards, resulting in a more consolidated gaming sector.
Technological Progress: The requirement to comply with rules could lead to technological advancements in the online gambling sector. Operators may invest in modern identity verification systems, fraud detection methods, and responsible gaming solutions to satisfy their regulatory requirements. This can result in technological breakthroughs that improve gamers’ overall gaming experience.
Foreign Investment and Collaboration: Clear laws might entice overseas investors to enter the Indian gaming business. The regulated environment may appeal to international gambling enterprises looking to enter or extend their presence in India. Collaborations between Indian and foreign gaming firms may also expand, resulting in the sharing of experience, resources, and the production of high-quality gaming products.
Legal Clarity: Implementing particular laws would give online gambling operators and users clearer legal standards. This transparency can eliminate ambiguity and possible legal issues, allowing stakeholders to navigate the gaming ecosystem with better confidence and knowledge.
Contribution to the Indian Economy: A well-regulated online gaming business has the potential to contribute to the Indian economy. It has the potential to create jobs, attract investment, and produce tax money for the government. The economic effect of the gaming ecosystem is expected to increase as it grows under the new restrictions.
Challenges and Future Approach
One of the toughest challenges will be the efficient implementation and enforcement of the new regulations. Consistency in applying the legislation across multiple jurisdictions and guaranteeing compliance by all operators would necessitate comprehensive monitoring and regulatory measures. Developing suitable enforcement organisations and transparent standards for reporting and dealing with noncompliance will be critical. Besides this, online gaming is open to more than area-specific and many gaming platforms and operates internationally. Ensuring cross-border operations is a big challenge in addressing jurisdictional challenges will be complex. Collaborative efforts between nations can regulate cross-border online gaming. There may be increased collaboration between Indian and foreign gaming firms, resulting in the exchange of information, skills, and resources. This partnership can help the Indian gaming sector flourish while attracting foreign players and investments.
Esports Development: Esports have grown in popularity worldwide, and India is no exception. The Indian esports business has the potential to thrive with proper regulation and support, drawing both players and viewers. Esports-specific factors like player contracts, tournament integrity, and licencing requirements may be addressed in the regulations.
Conclusion
Despite obstacles, India’s new online gambling legislation can potentially establish a safer and more regulated gaming sector. the future depends on successful implementation, adjusting to a shifting landscape, finding the correct balance between regulation and innovation, and promoting ethical gaming practices. The Indian online gaming business can develop sustainably with the appropriate strategy, benefiting gamers and the broader economy.
Become a part of our vision to make the digital world safe for all!
Numerous avenues exist for individuals to unite with us and our collaborators in fostering global cyber security
Awareness
Stay Informed: Elevate Your Awareness with Our Latest Events and News Articles Promoting Cyber Peace and Security.
Your institution or organization can partner with us in any one of our initiatives or policy research activities and complement the region-specific resources and talent we need.