#FactCheck - Viral Video of Argentina Football Team Dancing to Bhojpuri Song is Misleading

Introduction

Attacks by cybercriminals targeting national critical infrastructure are increasing at an unsettling rate. Such attacks have the potential to do severe damage by upsetting transportation networks, utilities, financial services, and other vital infrastructure. The physical and digital systems that underpin a nation's economy are known as critical infrastructure thus if they were to be disrupted, there would be serious risks to the economy and public health and safety. Establishing proper cybersecurity measures and protecting those digital systems from possible threats or cyberattacks is necessary. Both public and private sector assets are included in these essential infrastructure categories.

Nationwide alert:

Recently one of the biggest hacker organizations has warned of an upcoming cyberattack on the critical infrastructure and websites in India, causing a countrywide alert. A gang of hackers from Indonesia and Pakistan, celebrating 4,000 members, announced a planned “Cyber Party” on 11 December 2023. The event’s claimed goal is to compromise and disrupt India's digital infrastructure. They disclosed this information on their Telegram channel.

This hacker organization holds a record of launching extensive cyberattacks; in the past, it sent out a "red notice" that was intended to target 12,000 websites run by the Indian government. They have previously attacked other nations, such as Israel, Sweden, and the United States. Their reasons are varied and might include anything from assaults on certain groups to religious disagreements.

The gang has also been acclaimed for hacking into a New York City police agency, obtaining health and social media data from Israel, and exposing information from Swedish social media users. These alarming events show how urgently strong and all-encompassing cybersecurity measures are needed, not only in India but throughout the world.

Effect(s) on India

1.  Central Agencies Are Alert, Expect Health Sector Attacks: The cyberinfrastructure of the health sector has been a common target of assaults, particularly in the aftermath of the COVID-19 epidemic, which has authorities particularly concerned. Relevant ministries have received notifications from central authorities advising them to take precautions against unwanted access. The security of digital infrastructure is seriously challenged by the constantly changing panorama of cyber-attacks, according to those who are aware of the warning and threat.

2. National security concerns: Because of the interconnectedness of critical national infrastructure, a cyberattack may have an impact on national security. Attacks against defense networks, intelligence organizations health infrastructure, or military systems, for instance, might make it more difficult for the nation to respond to threats from outside.

3.    Concerns for Public Safety and Health: Cyberattacks on healthcare systems run the risk of compromising patient data, stopping medical procedures, and even endangering the general public's health. This might have potentially fatal results in urgent circumstances.

4.  Data Breach and Privacy Issues: Stealing confidential data is a common component of cybersecurity assaults. A breach of critical infrastructure systems might result in sensitive data, including personal information, being misused and accessed without authorization, raising privacy issues.

Preventive and protective measures

1.    The plan for responding to incidents: Make sure a clear incident response strategy is in place, with a focus on healthcare systems, and that it is especially designed to handle cyber-attacks on critical infrastructure.

2.  Better Tracking: Observing vital networks, systems, and data flows more closely, especially in the healthcare industry. Using cutting-edge threat detection technologies to spot odd or questionable activity.

3.   Critical System Isolation: Cutting off vital healthcare systems from the wider network to reduce the chance of attackers moving laterally.

4.   Continual Backups: Make sure that backup copies of important data and systems are kept in a safe, isolated location by regularly backing them up. In the event of a ransomware attack or data breach, this makes recovery easier.

5.    Update and patch systems: Make sure that all operating systems and apps utilized in the infrastructure of the healthcare industry are updated with the most recent security updates.

6. Protocols for Communication: In the case of a cyber-incident, establishing explicit communication mechanisms to guarantee that pertinent parties are notified as soon as possible. This covers correspondence with law enforcement, the public, and other members of the healthcare industry as needed.

Conclusion

Urgent preventative actions are essential in response to an impending cyber threat revealed by a large hacker organization that is targeting India's key infrastructure, specifically the healthcare sector. The interconnectedness of this infrastructure puts public safety, privacy, and national security in danger. A crucial defensive approach is formed by the proactive measures mentioned, which include communication protocols, system isolation, improved monitoring, incident response preparation, and frequent backups. The dangers underline the necessity of international collaboration in tackling cybersecurity issues and the requirement for shared responsibility of everyone to safeguard digital networks. To reduce risks and guarantee the resilience of vital national infrastructure in the face of changing cyber threats, authorities must continue to develop and adapt their cybersecurity tactics.

References:

• https://www.cnbctv18.com/technology/exclusive--nationwide-alert-sounded-as-hacker-group-plans-cyber-party-to-attack-indias-critical-digital-infra-18520021.htm
• https://www.the420.in/ndian-authorities-high-alert-hacker-groups-threaten-cyber-assault/
• https://www.cnbctv18.com/technology/exclusive--nationwide-alert-sounded-as-hacker-group-plans-cyber-party-to-attack-indias-critical-digital-infra-18520021.htm#:~:text=By%20News18.com%20Dec%208,%3A58%20AM%20IST%20(Published)&text=A%20nationwide%20alert%20has%20been,Indian%20websites%20and%20critical%20infrastructure
• https://verveindustrial.com/resources/blog/critical-infrastructure-cyber-security/

Pretext

On 20th October 2022, the Competition Commission of India (CCI) imposed a penalty of Rs. 1,337.76 crores on Google for abusing its dominant position in multiple markets in the Android Mobile device ecosystem, apart from issuing cease and desist orders. The CCI also directed Google to modify its conduct within a defined timeline.  Smart mobile devices need an operating system (OS) to run applications (apps) and programs. Android is one such mobile operating system that Google acquired in 2005. In the instant matter, the CCI examined various practices of Google w.r.t. licensing of this Android mobile operating system and various proprietary mobile applications of Google (e.g., Play Store, Google Search, Google Chrome, YouTube, etc.).

The Issue

Google was found to be misusing its dominant position in the tech market, and the same was the reason behind the penalty. Google argued about the competitive constraints being faced from Apple. In relation to understanding the extent of competition between Google’s Android ecosystem and Apple’s iOS ecosystem, the CCI noted the differences in the two business models, which affect the underlying incentives of business decisions. Apple’s business is primarily based on a vertically integrated smart device ecosystem that focuses on the sale of high-end smart devices with state-of-the-art software components. In contrast, Google’s business was found to be driven by the ultimate intent of increasing users on its platforms so that they interact with its revenue-earning service, i.e., online searches, which directly affects the sale of online advertising services by Google. It was seen that google had created a dominant position among the android phone manufacturers as they were made to have a set of google apps preinstalled in the device to increase the user’s dependency on google services. The CCI felt that Google had created a dominant position to which they replied that the same operations are done by Apple as well, to which the commission responded that apple is a phone and app manufacturer and they have Apple-owned apps in Apple devices only, but Google here in had made a pseudo mandate for android manufactures to have the google apps pre-installed which is, in turn, a possible way of disrupting the market equilibrium and violative of market practices. The CCI imposed a penalty of Rs. 1,337.76 for abusing its dominant position in multiple markets in India, CCI delineated the following five relevant markets in the present matter –

• The market for licensable OS for smart mobile devices in India
• The market for app store for Android smart mobile OS in India
• The market for general web search services in India
• The market for non-OS specific mobile web browsers in India
• The market for online video hosting platforms (OVHP) in India.

Supreme Courts Opinion

In October 2022, the Competition Commission of India (CCI) ruled that Google, owned by Alphabet Inc, exploited its dominant position in Android and told it to remove restrictions on device makers, including those related to the pre-installation of apps and ensuring exclusivity of its search. Google lost a challenge in the Supreme Court to block the directives, as the learned court refused to put a stay on the imposed penalty, further giving seven days to comply. The Supreme Court has said a lower tribunal—where Google first challenged the Android directives—can continue to hear the company’s appeal and must rule by March 31.

Counterpoint Research estimates that about 97% of 600 million smartphones in India run on Android. Apple has just a 3% share. Hoping to block the implementation of the CCI directives, Google challenged the CCI order in the Supreme Court by warning it could stall the growth of the Android ecosystem. It also said it would be forced to alter arrangements with more than 1,100 device manufacturers and thousands of app developers if the directives kick in. Google has been concerned about India’s decision as the steps are seen as more sweeping than those imposed in the European Commission’s 2018 ruling. There it was fined for putting in place what the Commission called unlawful restrictions on Android mobile device makers. Google is still challenging the record $4.3 billion fine in that case. In Europe, Google made changes later, including letting Android device users pick their default search engine, and said device makers would be able to license the Google mobile application suite separately from the Google Search App or the Chrome browser.

‍

Conclusion

As the world goes deeper into cyberspace, the big tech companies have more control over the industry and the markets, but the same should not turn into anarchy in the global markets. The Tech giants need to be made aware that compliance is the utmost duty for all companies, and enforcement of the law of the land will be maintained no matter what. Earlier India lacked policies and legislation to govern cyberspace, but in the recent proactive stance by the govt, a lot of new bills have been tabled, one of them being the Intermediary Rules 2021, which has laid down the obligations nand duties of the companies by setting up an intermediary in the country. Such bills coupled with such crucial judgments on tech giants will act as a test and barrier for other tech companies who try to flaunt the rules and avoid compliance.

Introduction

The US national cybersecurity strategy was released at the beginning of March this year. The aim of the cybersecurity strategy is to build a more defensive and resilient digital mechanism through general investments in the cybersecurity infrastructure. It is important to invest in a resilient future, And the increasing digital diplomacy and private-sector partnerships, regulation of crucial industries, and holding software companies accountable if their products enable hackers in.

What is the cybersecurity strategy  

The US National cybersecurity strategy is the plan which organisations pursue to fight against cyberattacks and cyber threats, and also they plan a risk assessment plan for the future in a resilient way. Through the cybersecurity strategy, there will be appropriate defences against cyber threats.

US National Cybersecurity Strategy-

the national cybersecurity strategy mainly depends on five pillars-

1. Critical infrastructure- The national cybersecurity strategy intends to defend important infrastructure from cyberattacks, for example, hospitals and clean energy installations. This pillar mainly focuses on the security and resilience of critical systems and services that are critical.
2. Disrupt & Threat Assessment- This strategy pillar seeks to address and eliminate cyber attackers who endanger national security and public safety.
3. Shape the market forces in resilient and security has driven-
4. Invest in resilient future approaches.
5. Forging international partnerships to pursue shared goals.

Need for a National cybersecurity strategy in India –

India is becoming more reliant on technology for day-to-day purposes, communication and banking aspects. And as per the computer emergency response team (CERT-In), in 2022, ransomware attacks increased by 50% in India. Cybercrimes against individuals are also rapidly on the rise. To build a safe cyberspace, India also required a national cybersecurity strategy in the country to develop trust and confidence in IT systems.

Learnings for India-

India has a cybersecurity strategy just now but India can also implement its cybersecurity strategy as the US just released. For the threats assessments and for more resilient future outcomes, there is a need to eliminate cybercrimes and cyber threats in India.

Shortcomings of the US National Cybersecurity Strategy-

• The implementation of the United States National Cybersecurity Strategy has Some problems and things that could be improved in it. Here are some as follows:

• Significant difficulties: The cybersecurity strategy proved to be difficult for government entities. The provided guidelines do not fulfil the complexity and growing cyber threats.
• Insufficient to resolve desirable points: the implementation is not able to resolve some, of the aspects of national cybersecurity strategies, for example, the defined goals and resource allocation, which have been determined to be addressed by the national cybersecurity strategy and implementation plan.
• Lack of Specifying the Objectives: the guidelines shall track the cybersecurity progress, and the implementation shall define the specific objectives.
• Implementation Alone is insufficient: cyber-attacks and cybercrimes are increasing daily, and to meet this danger, the US cybersecurity strategy shall not depend on the implementation. However, the legislation will help to involve public-private collaboration, and technological advancement is required.
• The strategy calls for critical infrastructure owners and software companies to meet minimum security standards and be held liable for flaws in their products, but the implementation and enforcement of these standards and liability measures must be clearly defined.

Conclusion

There is a legitimate need for a national cybersecurity strategy to fight against the future consequences of the cyber pandemic. To plan proper strategies and defences. It is crucial to avail techniques under the cybersecurity strategy. And India is increasingly depending on technology, and cybercrimes are also increasing among individuals. Healthcare sectors and as well on educational sectors, so to resolve these complexities, there is a need for proper implementations.