COMPARISON CYBERSECURITY FARMEWORK IN INDIA &UK

INTRODUCTION

“If security were all that mattered computers would never be turned on, let alone hooked into a network with literally millions of potential intruders[1]”

–Dan Farmer

Let’s suppose we are in 2030 where cyber threats can come from any level of your daily interactions in society or in workspace. Like we hear banks reports breach of confidential data from their servers. Government websites are hacked with threatening messages pop up all across the screens. The energy and nuclear power plants control systems infringed by strange viruses. In 30 minutes, the country’s critical infrastructure collapses and within an hour it becomes clear that the country has become a victim of coordinated cyberattack- Cyberwar.

                     Can we imagine this kind of nation in future or we need to improve our status in cyber world? As per the reports India’s digital divide remains huge as more than 400 million people still do not have access to internet and rest who are using internet doesn’t have idea how to use it. Digital illiteracy become a major threat for our country many of us didn’t know about the data we are share is authentic or fake? Privacy on digital platform such as social media application etc. is just a myth.

                   Gone those days where simple firewalls and antivirus software being our sole measures to prevent our data privacy. There is an urge has been raised to educate our people about cyber scams such as Phishing, Ransomware attacks like WannaCry and Malware designed to steal our personal data. General Data Protection Regulation (GDPR) and other laws mean that cybersecurity is no longer something businesses of any size can ignore. We have potential to dream of Digital India where cybersecurity becomes an integral part of our national security guidelines.

“If we are not yet serious about our Cybersecurity we should be now.”

KEY FINDING IN HISTORY

In India and the UK, the historical sense of cyber security has influenced policy development in India and the United Kingdom. It’s important in this field. Particularly:

1. For much longer than in India, cyber security has been a regulatory priority in the UK, and Consequently, the UK has a much better-defined cyber security strategy and structure. Interestingly, however, India ranked fifth on the Global Cyber Security Ranking of the ITU. For 2014, which tests and ranks countries on the basis of internal cybersecurity commitment[2].
2. Both countries have failed to adapt current legislation to rapid technological advances, preferring instead to create new laws or new organizations explicitly based on cyber security.
3. In view of the increasing challenge posed by organized actors, including international actors and terrorist groups, a major focus of cyber security in both countries has been on national security. Therefore, both countries have sought to broaden the influence of cyber security through security legislation.
4. In stark contrast to India, which is just inching towards becoming a major player in cyber diplomacy, the UK’s foreign sphere of control has also been exercised through its enhanced cyber security capabilities, becoming part of the ‘five eyes’ surveillance alliance

COMPHRENSIVE STUDY OF CYBERSECURITY OF INDIA & UK

DATA PROTECTION

Maintaining data bases is not as difficult as maintaining its credibility, so a perfect data security approach is being innovated in this period by the most concerned discussion. A transition to the standard took place with the progress of technological growth. Crimes. Much of the crimes was perpetrated in the present period. Professionals have done it through the simplest medium, i.e., Electronic devices and machines. The offenders are able to obtain the protected information only with a single click. In the growth of cybercrime, the lust for information serves as a catalyst.

                         While our lifestyle has been streamlined by this planet, it has left some Abnormalities in the item acquisition, which culminated in the disclosure of details involuntarily. From these illustrations, this can be discussed-

• On any login in the cyber cafes to the e-mail account, the electronic password trace remained unsecured there.
•  For every use of credit card for the purpose of shopping, the Brand choice trail, venue of shopping etc. left behind.
•  A mobile gadget is left behind on any Internet connection. Trail that makes owners of blogs and advertisement agencies to get access to the users’ needs and choices Through monitoring them
• The Naxalites quickly trace phone call signals from the police, allowing them to know about police plans.
• The most favourite act of the miscreants is source code stealing. The normal method of receiving unsolicited e-mails is also the users’ personal records.
• Hackers will whimsically adjust anyone’s account by hacking[3].

The legislation relating to privacy given under the framework of Article 21 of constitution of India. On August 2017, the right to privacy under the Constitution of India was legitimized by a nine-judge bench of the Supreme Court in the Puttaswamy Case[4]. Its interpretation is deemed inadequate to provide the data with proper security. In the year 2000, our legislators made an attempt to resolve computer system-related privacy concerns under the IT Act, 2000. There are also clauses of this Act that offer safeguards for stored records. In 2006, a law known as “The Personal Data Privacy Bill” was also passed by our legislature to protect personal data.

                             U.K. parliament framed its Data Protection Act (DPA) in the year 1984 which thereafter repealed by the DPA of 1998. This Act is basically instituted for the purpose of providing protection and privacy of the personal data of the individuals in UK. The Act covers data which can be used to identify a living person. This includes names, birthday, anniversary dates, addresses, telephone numbers, fax numbers, e-mail addresses etc

CRYPTOCURRENCY

 Cryptocurrencies are not legal tender in India, and the government has made it very difficult for them to operate while exchanges are legal. While there is still a lack of clarification on the tax status of cryptocurrencies, the chairman of the Direct Taxation Central Board said that they would have to pay taxes on those producing Bitcoin incomes and There was no description of the word ‘cryptocurrency’ or ‘virtual currency’ under any statue in India. The government of India seems to be looking into the prospect of legislation on less prohibitive cryptocurrencies. In 2017, a committee was created by the Special Secretary of Economic Affairs to recommend how to deal with the possible cryptocurrency-related AML/CFT and consumer security concerns[5]. 

                   There are no laws in the United Kingdom specifically regulating cryptocurrencies, such as bitcoin, Ethereum, Litecoin, etc. The Bank of England governor allegedly stated that it is necessary to regulate cryptocurrencies: a better way would be to regulate elements of the crypto-asset ecosystem to combat illicit activities, promote market integrity, and protect security and soundness of the financial system.Section 2A of the 1998 Bank of England Act specifies that the Bank of England is responsible for protecting and improving the stability of the financial system of the United Kingdom. According to this objective, the Bank has considered the risk that cryptocurrencies pose to the stability of the financial markets of the United Kingdom and has determined that the size of the market for cryptocurrencies is currently not sufficiently large to ensure the stability of the financial markets of the United Kingdom to pose a “material risk to monetary or financial stability” in the United Kingdom.

DEEPFAKES

The dissemination of fake news is one of the key problems of today’s digital world. False news or false news is fairly popular and is circulating at a higher rate nowadays thanks to social media. It was pointed out in numerous studies that most of the incidences involving the distribution of fake news in terms of the immoral sense are created mainly by “WhatsApp” where most of the data are shared.

                          In UK is facing a crisis in democracy due to the systemic abuse of data in cyberspace, according to Hill and Bradshaw (2018). It will be recommended, among other laws, that businesses providing such services are obliged to operate against fake or unlawful content and that their security mechanisms be routinely audited. In the midst of the increasing false news, the authorities would have to place a fine on WhatsApp, which may amount to EUR 500 thousand. The breach of the British data security legislation and the inability to properly safeguard the privacy of its consumer. While India the dissemination of fake news and videos has become a new headache for the country, with over 200 million users in India, the world’s largest WhatsApp market. The intense opposition of these activities was conveyed to the top management of WhatsApp and they were told that the appropriate disciplinary steps had to be taken. Despite these demonstrations, the truth is that the Indian legal system expected in reality, it has some teeth to counter instances of false news or rumours, in Section 79 of the IT Act,2000 imposes a duty on them, subject to take-down notices by statute, to delete all such material by law enforcement agencies[6].

RANSOMWARE

WannaCry is an example of crypto ransomware, a type of malicious software used for extorting money by cybercriminals. Ransomware achieves this either by encrypting sensitive files so that you can’t open them, or by locking you out of your system so that you can’t use them. Crypto ransomware is called ransomware that uses cryptography. Locker ransomware is called the form that locks you out of your computer. WannaCry holds the data hostage, like other crypto-ransomware forms, offering to restore it if you pay a ransom. Using Microsoft Windows as an operating system, WannaCry attacks machines. It encrypts data and requests the payment of a ransom for its return in the cryptocurrency Bitcoin.

                        In India Gulshan Rai, the PMO’s Cyber Security Chief, said there were no significant accidents in India. “The Indian Computer Emergency Response Team (CERT-In), as a prevention mechanism, issued an advisory request for organizations to install Windows system updates, “a potential remote manipulation”. This flaw the department recommended that the Microsoft released fix be introduced. Just around 5 % of attacks have been registered in India, according to Kaspersky. “The manufacturer of antivirus software, Quick Heal Technologies Ltd, said it has detected “over 48,000 MS-17-010 Shadow Broker exploit hits detected responsible for ‘WannaCry ransomware’ epidemic in India, with the most cases experienced in West Bengal. Worldwide ransomware attack Around 230,000 machines were struck globally by the WannaCry ransomware threat. A Spanish telecom firm, Telefónica, was one of the first companies affected. Thousands of NHS hospitals and surgeries across the UK have been disrupted by May 12th. Let’s think how you can defend yourself from ransomware now that you realize how the WannaCry ransomware attack took place and the influence it had.

1. Update your system regularly
2. Do not click on suspicious links
3. Never open untrusted email attachments.
4. Also not downloaded untrusted websites.
5. Use a VPN while using public Wi-F[7].

CONCLUSION

           In several sectors cyber security frameworks and regulations across India and the United Kingdom illustrates some similar threats and might have divergent nature of policies to counter those issues. However, both these countries government needs to be focused on legalization of data protection policy, use of cryptocurrency and curb the spread of deep fakes on social media platforms. As we have seen some major threats on global platforms such as WannaCry ransomware threats which need immediate actions to take precautionary steps to deter these attacks in near future. As both these countries have established the watchdog agencies to look after these major cyber threats. Such as in India the major contribution to set up these institutes goes to the Indian Department of Information Technology in 2004 named as Indian Emergency Response Team for computers (CERT-IN) and in UK credit goes to ministry of state for the home department by Priti Patel who established the Centre for the Protection of National Infrastructure (CPNI) as these are the institutes which are primarily responsible for countering issues at the level of cyberworld, or charged with being a liaison among various sectors such as industrial enterprises, banking, ICT platforms and government websites. Macro Cappelli said- “Let’s face it the future is now. We are already living in a cyber society, so we need to stop ignoring it or pretending that is not affecting us”.

REFERENCES

• https://complyadvantage.com/knowledgebase/crypto-regulations/cryptocurrency-regulations-india
• Journal of Content, Community & Communication Amity School of Communication Vol. 10 Year 5, December- 2019 [ISSN: 2395-7514 (Print)] Amity University, Madhya Pradesh [ISSN: 2456-9011 (Online)]
• https://www.kaspersky.co.in/resource-center/threats/ransomware-wannacry.

---

[1] https://pinngle.me/blog/99-inspiring-cybersecurity-quotes

[2] https://cis-india.org/internet-governance/files/india-uk-legal-regulatory-approaches.

[3]Data protection laws in India: A comparative study by Dr. Ajay Kumar Garg Volume: 3 | Issue: 1 | January 2013 | ISSN – 2249-555X

[4] Justice K.S Puttuswamy V. union of India, 26^th September 2018.

[5] https://complyadvantage.com/knowledgebase/crypto-regulations/cryptocurrency-regulations-india

[6] Journal of Content, Community & Communication Amity School of Communication Vol. 10 Year 5, December- 2019 [ISSN: 2395-7514 (Print)] Amity University, Madhya Pradesh [ISSN: 2456-9011 (Online)]

[7] https://www.kaspersky.co.in/resource-center/threats/ransomware-wannacry.