Cyber Security in India: Challenges, Case Study & Way Forward

Relevance: Mains- GS2-SEC3

Introduction

Cybersecurity has emerged as a critical component of national security and individual safety in the digital era. With increasing dependence on online platforms, the proliferation of malware, phishing scams, ransomware, and identity theft has become a major concern. A recent incident in which a retired DRDO scientist was defrauded of ₹40 lakh through a malicious APK file underscores the vulnerabilities faced even by tech-aware individuals.

Case Study: DRDO Scientist Online Fraud

Recently, a retired DRDO scientist searched online for Yahoo customer care and downloaded a malicious APK file shared over WhatsApp. This file granted scammers access to his banking credentials. He was defrauded of ₹40 lakh through unauthorized transactions. The cybercrime was traced to Jharkhand, Rajasthan, and Mewat. Police arrested a group of fraudsters operating across state lines using fake SIM cards, IP rerouting, and social engineering tactics.

Types of Cyber Threats Evident in the Case

  1. Malware (Malicious Software): The APK file acted as spyware, capturing sensitive financial data.
  2. Phishing and Social Engineering: The scam exploited user trust by impersonating customer care services.
  3. SIM Cloning and Mobile Hacking: The criminals rerouted communications using cloned or fake mobile numbers.
  4. Cross-border Crime Networks: The cyberattack originated from multiple Indian states, showcasing a decentralized cybercrime model.

Challenges in Cyber Security in India

  1. Low Awareness Among Users
    • Victims often fall prey due to a lack of digital literacy and an inability to distinguish between genuine and fraudulent links or apps.
  2. Weak Legal Enforcement and Investigation Capacity
    • Cyber cells are under-resourced and often lack the capacity to trace the origin of sophisticated frauds spread across states or international borders.
  3. Lack of Uniform Digital Security Architecture
    • Different government departments, banks, and private players follow varied cyber protection protocols, leaving gaps.
  4. Rising Use of Unauthorized APK Files
    • APK files shared outside secure platforms are a growing source of mobile-based cyber intrusions, especially on Android devices.
  5. Jurisdictional and Coordination Issues
    • Crimes spanning multiple states face delays due to a lack of coordination between state cyber units.

Government Initiatives on Cyber Security

  1. Indian Cyber Crime Coordination Centre (I4C)
    • A pan-India framework to coordinate cybercrime responses and provide cyber forensic support.
  2. Cyber Swachhta Kendra
    • Provides tools and services to remove malware and enhance device security for citizens.
  3. CERT-In (Indian Computer Emergency Response Team)
    • Functions under the Ministry of Electronics and IT to address cybersecurity incidents and issue alerts.
  4. National Cyber Security Policy (2013)
    • Aims to create a secure cyber ecosystem and strengthen infrastructure protection.
  5. Digital India Initiatives
    • Encourage safer online practices among citizens via awareness campaigns.

Way Forward and Recommendations

  1. Strengthen Public Awareness and Digital Literacy
    • Launch targeted awareness programs in schools, colleges, and among senior citizens about safe internet usage.
  2. Stringent Regulation of App Ecosystem
    • Enforce stricter controls over app distribution platforms to identify and remove rogue APKs promptly.
  3. Integrated Cyber Law and Forensic Framework
    • Empower law enforcement agencies with better tools and legal powers to pursue interstate and transnational cybercriminals.
  4. Improved Cybercrime Reporting Mechanism
    • Enhance the user interface and responsiveness of national cybercrime portals like cybercrime.gov.in.
  5. Collaboration with Tech Companies
    • Partner with platforms like Google, Meta, and telecom providers to monitor and intercept suspicious links and accounts.

Ethical and Policy Dimensions

  • Balancing privacy and security is key while designing cyber laws.
  • Ensuring data protection under the Digital Personal Data Protection Act (2023) will help reduce vulnerabilities.
  • Strengthening India’s cyber sovereignty is essential for national defense and individual protection.

Conclusion

The DRDO scientist case is a reminder that cyber threats are pervasive and affect even the most informed individuals. A proactive, collaborative, and well-regulated cyber ecosystem, bolstered by public awareness and technology enforcement, is the need of the hour. With cybercrimes increasingly becoming organized, India must prioritize a holistic approach to cybersecurity, treating it as both a national security and citizen rights issue.