A Study of Cyber Attacks in India due to lack of Security

 

Neeraj Kumar Nage, Devendra Chaphekar

Department of Computer Science of Seth Phoolchand Agrawal Smriti P.G. College, Nawapara-Rajim

*Corresponding Author E-mail: neeraj.nage07@gmail.com, devendra74chaphekar@gmail.com

 

ABSTRACT:

The main challenge of cyber security is that cyberspace has inherent vulnerabilities that cannot be removed. “Knowledge of Vulnerability to Release of Exploits” is the main theme of any cyber-attack. A cyber-attack is any attempt to expose, alter, disable, destroy, steal or gain unauthorized access to a computer system, infrastructure, network, or any other smart device. India has faced the greatest number of cyber-attacks. In this paper we have tried to collect information on these events and to examine the actual lack of cyber security. Some suggestions are also provided as steps that can be taken in the present situation.

 

KEYWORDS: Cyber Security, Cyberspace, Vulnerability, Cyber Attack.

 


I. INTRODUCTION:

Technology is now developing so fast, day by day, that many people find it hard to visualize. The era of new technology has also increased the number of market researchers, and more people want to expand and invent different ideas in order to compete.

 

A.   Internet:

In the 21st century, the Internet is among the most important inventions to have affected our lives. Today the internet has changed the way we talk, work, shop, make friends, play games, listen to music, watch movies, order food, pay bills, greet friends on their birthdays or anniversaries, and so on. It has made our lives much more comfortable. Technology has reached the point where we have internet-enabled smartphones, palmtops and similar devices through which we can remain connected to our friends, family and office. Today the Internet of Things (IoT) encompasses the many and varied devices currently on the market, or soon to be on the market, that will connect to and stay connected to the internet 24x7.

 

B.    Internet Infrastructure:

For many years, we have focused only on endpoint security and ignored infrastructure weaknesses, but recent discoveries and initiatives highlight a simple fact: the core is just as vulnerable as the edge.

 

In the past few years, attackers have increasingly targeted infrastructure. Internet protests, vigilantism, nation-state attacks, distributed denial of service for hire, public-key infrastructure lapses, and the market for 0-day exploits have shifted our attention to the increased risk, not only to our data but also to our livelihood. The Internet’s infrastructure, protocols, and processes are therefore getting more attention from researchers, not just practitioners.

 

C.   Cyber Space:

Cyberspace is the amorphous, supposedly “virtual” world created on the Internet’s infrastructure by links between computers, Internet-enabled devices, servers, routers, and other components. In practice, cyberspace is a global domain within the information environment, consisting of the network of information technology infrastructures, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers.

It exists, in the perspective of some, apart from any particular nation-state.

 

D.   Cyber Security and Cyber Attacks:

Cyber security means protecting our cyberspace (critical infrastructure) from attack, damage, misuse and economic espionage.

 

In India, cyber-attacks have increased dramatically over the last decade, exposing sensitive personal and business information, disrupting critical operations, and imposing high costs on the economy.

 

A cyber-attack is an attack launched from one or more computers against another computer, multiple computers or networks. Cyber-attacks can be broken down into two types: attacks where the goal is to disable the target computer or knock it offline, and attacks where the goal is to get access to the target computer's data and perhaps gain admin privileges on it.

 

We need to understand how cyber attackers think and how they exploit vulnerabilities in cyber security. To secure our cyberspace, we have to think like a cyber attacker: we need to search for vulnerabilities in our own cyber security and fix them before a cyber attacker exploits them.

 

II. REVIEW OF LITERATURE:

The literature review for this paper was done by reviewing research papers found with keywords such as “internet users”, “internet infrastructure”, “cyber security”, “vulnerability” and “cyber-attack”. Research papers and books related to these keywords were studied for the analysis. The study was done to select the relevant material for the research paper.

 

The number of internet users in India is growing fast: in 2013-14, India ranked third in the world in internet usage, after China and the United States [5]. A report from IAMAI (Internet and Mobile Association of India) reveals that India is expected to be the second largest by 2015, with 330 to 370 million internet users. More than 200 million users started to use the internet after 2010 [6]. Today India has the second largest number of internet users in the world, over 560 million, behind only China. In 2021, there will be over 600 million internet users in India.

 

Now that the Indian population can access the internet, we have concerns about our internet infrastructure.

While India is the fourth largest economy in the world, its growth and development are held back by the lack of world-class infrastructure. Estimates suggest that this lack of adequate infrastructure reduces India's GDP growth by 1-2 per cent every year.

It is correct that there are some issues in our internet infrastructure, but the main challenge of cyber security is that cyberspace has inherent vulnerabilities that cannot be removed.

 

Cyber security is now considered an important matter for individuals and families, as well as for organizations, governments, educational institutions and businesses. It is essential for families and parents to protect children and family members from online fraud [1].

 

The cyber-criminal could be internal or external to the organization facing the cyber-attack.

 

In 2013, a total of 4,356 cases were reported under the IT Act, while this figure was 2,876 in 2012 [1].

 

India was the second most cyber-attack-affected country between 2016 and 2018, according to a new Data Security Council of India (DSCI) report.

 

It was also found that Bengaluru, the IT hub of India, had registered the maximum number of cybercrime cases in the year 2018 [7]. According to a report of the Indian Computer Emergency Response Team (CERT-In), 33,147, 30,067 and 15,779 Indian websites were hacked in 2016, 2017 and 2018 (up to November) respectively [8].

 

The rapid spread of Internet-connected devices carries its attendant risk: a new piece of malware is detected every 2.2 seconds [3]. Too many sites are because there was no need. Each user was treated in the same way and was presented with the same information [4].

With vulnerabilities in web server software, it is easy for an attacker to gain access to any sensitive information, because the information held on the server was already open to public view. An attacker typically would modify the files on the server to deface the website’s contents [4].

 

It is good for us to build, with the help of AI and machine learning, an acknowledged ability to track and trace both domestic and international attackers, which can preempt future attacks through fear of reprisals such as criminal prosecution, military action, economic sanctions, and civil lawsuits. Moreover, tracking and tracing an attack quickly could enable the interruption of an attack in progress [2].

 

III. CYBER ATTACKS IN INDIA:

The data below were gathered from The New Indian Express, The Economic Times, the Test Bytes website, the KWHS Inside Cyber Security website, the dgaeroqa.gov.in Cyber Security Government website and other websites.

 

·       July 2015, Pakistani hacker defaces Chhattisgarh NIT website. A day after Prime Minister Narendra Modi launched Digital India week to reform government through technology, the official website of the National Institute of Technology was hacked and defaced by a Pakistani cyber hacker. The homepage was defaced with a warning "Hacked Pak Cyber Attackers" and with a slogan at the bottom "Pakistan Zindabad."

·       June 2016, Union Bank of India Heist. Through a phishing email sent to an employee, hackers obtained the credentials to execute a fund transfer, swindling Union Bank of India.

·       May 2017, Data Theft at Zomato. The food tech company discovered that data, including names, email IDs and hashed passwords, of 17 million users was stolen by an ‘ethical’ hacker who demanded the company to sale on the Dark Web for known vulnerabilities.

·       August 2018, SIM Swap Scam. Two hackers from Navi Mumbai were arrested for transferring rupees from numerous bank accounts by fraudulently gaining SIM card information. They also tried to hack the accounts of various targeted companies.

·       2018, Cosmos Bank Cyber-Attack in Pune. Hackers siphoned off Rs.94.42 crore from Cosmos Cooperative Bank Ltd. in Pune. They hacked into the bank’s ATM server and took the details of many Visa and RuPay debit cardholders.

·       2018, ATM System Hacked. Around mid-2018, Canara Bank ATM servers were targeted in a cyber-attack. Almost 20 lakh rupees were wiped off from various bank accounts.

·       Feb 2019, Chhattisgarh BJP website hacked by Pakistan cyber attackers. The hacker group identified itself as ‘Hacked By Faisal 1337’. “We are team Pak Cyber attackers.”

·       May 2019, Cyber hackers attacked parts of the official website of Narendra Modi’s Bharatiya Janata Party (BJP) while he was being formally sworn in as the 15th prime minister of India. The hackers replaced several pages of the BJP’s Delhi website with recipes and images of beef dishes with the message: Hacked by ‘Shadow_V1P3R’.

·       Sept 2019, Cyber Attack on Kudankulam Nuclear Plant Did Happen. The Indian Computer Emergency Response Team was informed of a malware attack on Kudankulam. According to cybersecurity company Kaspersky, it is DTrack, a "spy tool" that was discovered by the firm's researchers.

·       April 06 2019, India’s official Ministry of Defence (MoD) website mod.gov.in was hacked by Chinese hackers. Instead of the homepage, visitors to the site saw the following message: “The website encountered an unexpected error. Please try again later.”

 

As per information reported to and tracked by the Indian Computer Emergency Response Team (CERT-In), 172 and 105 government websites, which include 74 and 31 websites hosted on NICNET managed by the National Informatics Centre (NIC), were hacked during the years 2017 and 2018 respectively, and about 25 websites of Central Ministries and state governments were hacked in the first five months of 2019.

 

Between 2012 and 2018, the websites of all other political parties faced similar attacks from hackers.

Hacking attempts are not out of the ordinary for India, where cyber security is weak, something even the government admits.

 

IV. VULNERABILITIES IN SECURITY:

A vulnerability is a weakness which can be exploited by a threat actor, such as an attacker, to perform unauthorized actions within a computer system. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness.

Looking at all the cyber-attacks of the last decade in India, we can easily recognize the vulnerabilities of our cyber security with the help of the OWASP website.

In my opinion, these are the top 5 most commonly seen application vulnerabilities in India:

1)           Injection:

An injection of code happens when an attacker sends invalid data into the web application, for example within an SQL query, to make it do something different from what the application was designed or programmed to do. The injection vulnerability arises from the lack of validation of unverified data in the web application, which means that this vulnerability can be present on almost any type of technology.

2)           Broken Authentication:

Broken authentication vulnerabilities are very common in all types of web applications. Broken authentication usually refers to logic issues in the application’s authentication mechanism, such as sessions that are not properly managed.

3)           Sensitive Data Exposure:

Sensitive data exposure is one of the most widespread vulnerabilities. It occurs when essential data is not protected.

4)           Broken Access Control:

The problem with almost all major content management systems (CMS) is that, by default, they give worldwide access to the admin panel. In website security, access control means putting a limit on what sections or pages visitors can reach, depending on their needs; broken access control is the failure of that limit.

5)           Security Misconfigurations:

Security misconfigurations can be easily exploited by hackers to gain unauthorized access. One of the most common webmaster flaws is keeping the CMS default configurations.

 

Some vulnerabilities are not included here from the Indian security point of view, but they still exist.
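The injection item above attributes the flaw to unvalidated data reaching an SQL query. The following added example (not part of the original paper) places a login query built by string concatenation beside a validated, parameterized one; the table, account names, allow-list pattern and function names are constructed for illustration.

```python
import re
import sqlite3

# Assumed allow-list for user names in this example.
USERNAME_RE = re.compile(r"[A-Za-z0-9_.-]{1,32}")


def make_db():
    """In-memory users table filled with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (name TEXT PRIMARY KEY, password_hash TEXT, role TEXT)"
    )
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("admin", "constructed-hash-1", "admin"),
         ("asha", "constructed-hash-2", "user")],
    )
    return conn


def login_vulnerable(conn, name, password_hash):
    """Unsafe: user input is pasted into the SQL text, so it is parsed as SQL."""
    query = (
        "SELECT name, role FROM users WHERE name = '" + name
        + "' AND password_hash = '" + password_hash + "'"
    )
    return conn.execute(query).fetchall()


def login_hardened(conn, name, password_hash):
    """Validate the user name, then bind both values as data with placeholders."""
    if not USERNAME_RE.fullmatch(name):
        return []  # reject anything outside the expected character set
    query = "SELECT name, role FROM users WHERE name = ? AND password_hash = ?"
    return conn.execute(query, (name, password_hash)).fetchall()


def demo():
    conn = make_db()
    # Constructed input: closes the string literal and appends a tautology.
    crafted = "' OR '1'='1"
    return {
        "vulnerable": sorted(login_vulnerable(conn, "admin", crafted)),
        "hardened": login_hardened(conn, "admin", crafted),
        "legitimate": login_hardened(conn, "asha", "constructed-hash-2"),
    }


if __name__ == "__main__":
    for label, rows in demo().items():
        print(label, rows)
```

The concatenated query returns every account for the crafted input, while the parameterized query compares it as a plain string and returns nothing.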

 

V. ANATOMY OF ATTACK:

To effectively protect your organization from cyber-attacks, it is essential to understand the motive behind cyber-attacks. The motives of an attacker can help find flaws in the anatomy of a cyber-attack. For example, the WannaCry ransomware was recently used to attack several business companies and government organizations in India.

 

To know how to react in any cyber-attack situation, and to understand the attackers' strategy and plan better, we must understand the anatomy of an attack.

·       Motive:

The motivations for cyber criminals can be quite simple. The two things that make up the huge majority are money and information. Cyber-crime is a growing tool used to achieve political ends. Some criminals enjoy being able to exploit weaknesses.

·       Discover:

Investigating and analysing available information about the target in order to identify potential vulnerabilities. Before launching an attack, the attacker gathers as much publicly available information as possible about the target organization and its network. This often includes network ranges, IP addresses, and domain and host names.

 

·       Probe:

In this phase, the attacker gathers information on a potential target, getting to the point in a system where a vulnerability can be exploited. The scanning may be limited to your allocated range of IP addresses, and a surprising amount of information can be gathered from a targeted attack. The main goal of this phase is to map out your network and determine details about the systems on it, permitting the attacker to mount an attack that exploits well-known vulnerabilities in the software versions running on your systems.

·       Penetrate:

Exploiting the vulnerability or vulnerabilities to gain some form of unauthorized access. The attacker seeks to breach the corporate perimeter and gain a persistent foothold in the environment. Through a phishing attack or another common attack vector, the attacker is now ready to engage with the intended target and subvert the perimeter defenses. There are also many other tools that attackers can use to gain entry. These include password crackers, traffic monitoring tools, port scanners, vulnerability exploitation tools and encryption tools.

·       Escalate:

The attacker seeks to identify and gain the necessary level of privilege to achieve their objectives. They have control over the access channels and credentials acquired in the previous phases. When the attacker gains access to the target data, document management systems, mail servers and customer data, they will employ a technique called pivoting: using a compromised device to access other devices that would not otherwise be accessible. Various techniques are deployed to escalate privileges and gain system administrator credentials.

·       Expand:

In this phase, once the attacker has established a connection to the internal network, they seek to compromise additional systems and user accounts. Their main goal now is to expand the foothold and identify the systems housing the target data. It is very difficult to spot the intruder in this phase, because the attacker is often impersonating an authorized user.

·       Persist:

By this phase the attacker has gone through the trouble of finding a vulnerable system, locating or building the attack, and successfully attacking the machine. It would be a nuisance to have to repeat the process every time he wants to access the system. He may simply acquire the username and password database from the system and crack the passwords using a password cracking utility on his own system. The attacker may create an administrator-level user with a password that only he knows, so that he can log in as whomever he wants. The attacker may also install remote-control software to make it easier to work remotely on the system.

·       Execute:

Carrying out activities within a system that achieve the attacker’s goal. This is the final stage of the mission: the attacker exfiltrates the customer data and after that corrupts critical systems, disrupts business operations and destroys all evidence. When an attacker finds what they are looking for, they take the final steps to achieve their goal.

 

VI. SUGGESTIONS:

1)          In view of cyber war, India needs to secure its cyberspace with an offensive approach, with the help of penetration testing tools, and a system should be developed around our cyberspace using AI and machine learning algorithms so that it can respond to attackers automatically.

2)          The country needs an updated cyber security policy, good infrastructure, and collaboration between stakeholders to establish a secure cyberspace.

3)          There needs to be a global call to action for all United Nations members to decide that they will not attack the core of the Internet, even when in a state of war.

4)          We must make cyber security policy and law so powerful that no attacker would think of attacking again.

5)          The country should strictly apply international laws to cyber attackers and discuss them with other nations.

6)          It should be mandatory for all government websites to produce a security certificate before being hosted by NIC.

7)          The government is keen to invest in R&D toward creating a robust cyber security policy framework, and that is truly praiseworthy. This investment should also be offered by the government to startups working on innovations in the field of cyber security.

8)          The government can take steps to fight cybercrime by launching reformative measures, coming up with industry-friendly policies and regulations, and upskilling people and organizations as a part of the National Digital Literacy Mission.

9)          We have to develop systems like the "Cyber Swachhta Kendra" (Botnet Cleaning and Malware Analysis Centre) as a part of the Government of India's Digital India initiative.

 

VII. CONCLUSION:

In India there are various challenges in the field of cyber security. All of these cyber-attacks prove that some improvement is required in India’s cyber security. It is certain that the technology of the future is going to change the use of the internet, and we will always have many issues and cyber security challenges. Amongst the recent aspects of conflict is “no contact war” (NCW), wherein there is no “physical” or “kinetic” action across borders. We have to understand that today, in a shadowy world that is still filled with spies, hackers and top-secret digital weapons projects, cyberwarfare is an increasingly common -- and dangerous -- feature of international conflicts.

 

The Chinese and U.S. governments have invested heavily in the creation of new cyber units that, according to intelligence sources, are necessary to preserve security in cyberspace; recognizing the limits of a defensive approach, they have followed an offensive approach. India now needs to create a new cyber unit for offensive cyber operations. So we have to check our cyber security using the tools and techniques that cyber attackers use, and think like them. We have to find out where the loopholes in our security system are and resolve them, and always be ready to attack those who try to find our security vulnerabilities. Through this paper we conclude that, because of the lack of Indian cyber security, we will always face cyber-attacks. So we should follow an offensive approach, not only a defensive approach. We should always remember that “Attack is the best technique of Defence”.

 

VIII. REFERENCES:

1.              Rajesh Kumar Goutam. Importance of Cyber Security, Department of Computer Science University of Lucknow, February 2015.

2.              Lipson. Tracking and Tracing Cyber-Attacks: Technical Challenges and Global Policy Issues, Carnegie Mellon Software Engineering Institute, Pittsburgh, November 2002.

3.              Dixon, J., 2008. The Risk of Operating in an Inter-Connected Society. [pdf] Team Cymru, Available at: [Accessed 30 October 2013].

4.              Rutvi Pradipkumar Adhyaru. Techniques for Attacking Web Application Security, Faculty of Computer Science and Applications, CHARUSAT, Changa, Gujarat.

5.              A Fifty Second Report. Cyber Crime, Cyber Security and Right to Privacy, Ministry of Communications and Information Technology, Department of Electronics and Information Technology, Govt. of India, February 2014.

6.              A Report, Digital India 2014, IAMAI 2013.

7.              Bengaluru is India’s Cybercrime Capital, The Economic Times, Feb 2018, Available at https://economictimes.indiatimes.com/tech/internet/bengaluru-is-indias-cybercrime-capital/articleshow/67769776.cms

8.              Lewis, James (February 2018). “Economic Impact of Cybercrime – No Slowing Down”.

 

 

 

Received on 23.05.2020            Accepted on 21.06.2020     

© EnggResearch.net All Right Reserved

Int. J. Tech. 2020; 10(1):71-76.

DOI: 10.5958/2231-3915.2020.00014.0