In the wake of continuous technological advancement, cases of cyber attacks across the world have been on the rise. India too has witnessed recurrent instances of cyber attacks, especially on banks and financial institutions, in the recent past.
Many of the Indian government’s transformative socio-economic initiatives revolve around the country’s transition to a digital economy. While the benefits of this digital revolution surpass the pitfalls, one cannot take risks like data thefts, information leaks and espionage lightly. Ignoring these concerns can not only hurt the digital transition happening in India, but can also deter global companies from operating in the country.
Moreover, the battles in the future will probably be fought in cyberspace instead of on land or sea, with the targets being critical infrastructure such as dams and power grids. This has already been attempted in the past. For example, Stuxnet, a malicious computer worm that targeted industrial computer systems previously thought unhackable, and for which India was the third-most infected country.
Till date, more than 26,000 websites have been defaced and 91 lakh infected systems have been detected in India. The year 2016 saw over 3 million debit cards getting hacked in India. Worse, 80% of all cybercrimes go unreported!
This makes it super important that India fortifies its critical infrastructure and evolves a mechanism that can be practically implemented in case of any cyber breach. And this is where the role of cyber warriors comes in.
A cyber warrior is basically a security engineer who uses high-technology skills to understand, anticipate and preempt various kinds of cyber threats like malware, bugs and phishing. There are multiple roles and profiles in which these cyber warriors serve – from a malware engineer who detects and develops signatures to protect against malware to a vulnerability analyst who finds and fixes vulnerabilities (or software bugs) that can be exploited in a programme or a computer system.
In the past few years, the Indian government as well as some innovative startups have been working to rethink and redesign the country’s cyber security architecture. Recently, the government created Computer Emergency Response Teams to check cyber security threats in the power sector.
All utilities have also been asked to identify a senior executive as its Chief Information Security Officer (CISO) to implement an information security management system in the organisation. All the three branches of the Indian Armed Forces have also created an elite cadre of cyber warriors to combat attacks by hostile hackers and protect the integrity of the defence systems.
In Coimbatore, Amrita Technology Business Incubator (TBI) and Amrita Center for Cyber Security Systems and Networks (ACSN) have come together to establish the first startup hub in India that focuses exclusively on cybersecurity.
The Cyber Security Hub will bring together research, funding and industry on the same platform to promote indigenous product development in the areas of mobile, cloud computing, cyber-physical systems, malware analysis, digital forensics and cryptography. It will also enable industry-academia partnerships to provide cyber security training to promising youngsters.
Interestingly, countries like Israel have cyber-academies that identify talented computer science students and orient them to careers in cyber security careers.
Several entrepreneurs have also some forward to fill the growing need for specialised cyber-security services in the country. In 2012, former batchmates, friends and fellow ethical hackers, Abhishek Sharma and Tarun Wig teamed up to found Innefu Labs, a self-funded startup that provides inexpensive yet powerful cyber-security solutions to corporate companies, research institutions, banks and government organisations.
Today, Innefu has become a trusted name in the world of cyber security, with its clients ranging from the DRDO, Indian Army, CRPF, state police departments, and intelligence agencies to banks, SMEs, and corporate giants.
“Cyber warfare isn’t a movie, it’s happening right now. We lost out on the industrial revolution; we lost out on the defence revolution — let’s not lose out in the cyber revolution. If the next war is fought on cyberspace, we need our own weapons,” says Tarun Wig, in an interview to Taipei Times.
Although Innefu is currently the only Indian startup to specialize in national cyber security, other Indian startups like Appknox, Block Armour, Instasafe, Shieldsquare and Paladion are also tapping into the demand for expertise in online vigilance, cyber security and big data analytics.
Then there are the freelancers for whom cyber security is more a passion than a job. Hemanth Joseph, a B.Tech student, has netted a cool ₹10 lakh till now thanks to his talent in ethical hacking – for the last 4 years, he had reported over security lapses to various companies, including Apple, Google, Twitter, Yahoo, Nokia, Blackberry and Microsoft.
Many of these companies have rewarded Hemanth with a bounty for his work – he got his first bounty of $5,000 from American telecommunication giant AT&T in 2013 for reporting a critical vulnerability. He is also the honorary commander at Cyber Dome, (Kerala Police’s cyber security wing) and the founder of India’s first open community on cyber security for students, OSecCon.
Mumbai-based Trishneet Arora is another young cyber security expert whose inspiring story recently went viral on social media. Growing up with a love for computers, Trishneet dropped out of school in class 8, and with the support of his parents, began taking up small projects like repairing computers and fixing faulty software.
At 19, Trishneet got his first major payment of ₹60,000 and today, at 23, he runs his own cyber-security company with offices in India and Dubai. This talented ethical hacker’s clients include Reliance, CBI and the Punjab state government.
With India on the cusp of a transition to a digital economy, well-executed cyber-security policies can really jumpstart India’s economic growth while fortifying the country’s preparedness for future cyber threats.
To contact Innefu, click here.
To contact Amrita Center for Cyber Security Systems and Networks, click here.