• Cyberattack is a malicious and deliberate attempt by an individual or organization to breach the information system of another individual or organization.
• The recent hacking events have exposed India’s weak cyber security infrastructure.
• The first was the ransomware attack on the servers of India’s premium institute, the All India Institute of Medical Sciences (AIIMS).
• Nearly 40 million health records were compromised.
• it took over two weeks for the systems to be brought online.
• Soon afterwards a ransomware gang name "Blackcat" has breached the parent company of Solar Industries Limited, one of the Ministry of Defence’s ammunition and explosives manufacturers.
• It has extracted over 2 Terabyte of data.

Issues in current digital network which increasing Growing vulnerability

• Ransomwares have emerged as the most predominant of malicious cyberattacks.
• The perpetrators demand hefty payments for the release of withheld data.
• Data show that over 75% of Indian organisations have faced such attacks, with each breach costing an average of ₹35 crore of damage.
• There are many other malwares that could infect all kinds of computer systems.
• With the lines between the physical and digital realms blurring rapidly, every critical infrastructure, from transportation, power and banking systems, would become extremely vulnerable to the assaults from hostile state and non-state actors.
• Cyber capabilities are also playing a pivotal role.
• As seen in the ongoing conflict in Ukraine, where electronic systems in warheads, radars and communication devices have reportedly been rendered ineffective using hacking and GPS jamming.
• With the introduction of 5G and the arrival of quantum computing, the potency of malicious software, and avenues for digital security breaches would only increase.
• India’s cybersecurity strategy would do well not to overlook these actualities and trends.
• Most of the organisations are in the private sector, and their participation remains limited in India’s cybersecurity structures.

Steps taken by Government for Cyberattacks

• In 2022, the Indian Computer Emergency Response Team (CERT-In), which is India’s cybersecurity agency, introduced a set of guidelines for organisations to comply with when connected to the digital realm.
• This included the mandatory obligation to report cyberattack incidents within hours of identifying them, and designating a points person with domain knowledge to interact with CERT-In.
• India’s draft Digital Personal Protection Bill 2022 proposes a penalty of up to ₹500 crores for data breaches.
• India’s armed forces created a Defence Cyber Agency (DCA), capable of offensive and defensive manoeuvres.
• All Indian States have their own cyber command and control centres. 

Global efforts to fight against cyberattacks

• India has already signed cybersecurity treaties, where the countries include the United States, Russia, the United Kingdom, South Korea and the European Union.
• Even in multinational frameworks such as the Quad and the I2U2 Group there are efforts to enhance cooperation in cyber incident responses, technology collaboration, capacity building, and in the improvement of cyber resilience.
• Yet, there is no truly global framework, with many operating in silos.
• Previous years have seen the United Nations General Assembly establish two processes on the issues of security in the information and communication technologies (ICT) environment.
• Open-ended Working Group (OEWG), comprising the entire UN membership, established through a resolution by Russia.
• U.S., on the continuation of the Group of Governmental Experts (GGE), comprising 25 countries from all the major regions. 

Global challenges to fight against cybercrimes

• With most cyberattacks originating from beyond borders, international cooperation would be critical to keep digital space secure.
• In 2023, cybercrimes are expected to cause damage worth an estimated $8 trillion worldwide.
• There is absence of truly global framework to fight against global cybercrimes, with many operating in silos.
• The two antagonistic permanent members of the UN Security Council, counted among India’s most important strategic partners, differ vastly on many aspects of the Internet, including openness, restrictions on data flow, and digital sovereignty.
• Based on adoption, member-states have found the two resolutions to be complementary, and not mutually exclusive.
• Amidst the turbulent current world events, these UN groups would struggle to have effective dialogues.

Suggestions to fight against global cybercrimes

• The G-20 summit this year in India, which will see participation by all the stakeholders driving the global levers of power, is a rare opportunity to bring together domestic and international engagement groups across the spectrum, and steer the direction of these consultations.
• India could make an effort to conceptualise a global framework of common minimum acceptance for cybersecurity.
• This would be one of the most significant contributions made by any nation towards collective security in modern times.
• Private companies in India should look at the Digital Geneva Convention, where over 30 global companies have signed a declaration to protect users and customers from cyber breaches, and collaborate with like-minded intergovernmental and state frameworks.

By G-20 president ship, India has opportunities to create global cyber security framework and comprehensive domestic for cybersecurity. India needs to secure its computing environment and IoT with current tools, patches, updates and best known methods in a timely manner. Indian government should defend cyberattack by develop by core skills in cyber security, data integrity and data security fields while also setting stringent cyber security standards to protect banks and financial institutions.