This assumes significance in the context of revelations that the US National Security Agency (NSA) had been helping itself to data from just about every major American internet company. Sources said the Union Cabinet and the Cabinet Committee on Security have cleared two policies--National Cyber Security Framework and National Cyber Security Policy--that will involve public-private partnership to tackle any threats from the cyberworld and related emergencies.
Such a cyber network infrastructure was necessary in the wake of possible attacks from state and non-state actors, corporates and terrorists as the internet world has no geographical barriers and was anonymous in nature. On the reports about leaks by a former technical assistant of CIA about the US National Security Agency gaining access to information from billions of internet users, the sources said governments do what they want to do notwithstanding agreements not to do so.
"We don't live in a perfect world. You sign agreements and feel everything will be set right. No it doesn't happen that way," the sources said adding countries have to be prepared to face any such problems.
It could be America's way of showing their capacity to use a system, they said. The sources said the Department of Electronics and Information Technology would formally release the policy in public at a workshop later this month to enable a national debate and awareness on the issue.
However, they declined to go into the nature of the protective system incorporated or the way they function in the interest of national security. Cyber incidents including phishing and malicious URLs, virus and malicious code propagation and spams have been on the rise and touched new levels in 2010 when the internet and smart phone penetration in the country crossed new heights. These incidents are mainly sourced to 20 countries including US, Russia, China, Iran, Ukraine and Australia.
There was a doubling of internet enabled cell phone connections to 412 million phones in two years between 2010 and 2012 with the introduction of 3G services. There are over 350 million internet users and 150 million broad band users in the country, 50 per cent of which may be used for pornography, according to culled out data. There were significant cyber attacks during the Commonwealth Games in 2010 when there were 8000 attacks, most of which were pornographic in nature.
One of the attacks was traced to a VIP room in a government-owned hotel in Delhi in which objectionable material was placed in a personal computer.
Admitting that India has consistently been under attack, the sources said there is nothing like 100 per cent safety.
"Whatever we know so far is that we have not suffered insufferable damage. We can also say that we are 100 per cent safe and that there is no damage because that is the nature of the cyber system," they said.
The cyber attacks during the Commonwealth Games could also have been to disrupt items like scores and a practice to see how well India was capable of preventing such attacks. In another instances, when a major power grid crisis cut off power in several parts of the country last year, there were reports that it was due to cyber attacks.
Various checks were done and analysis was done and it was found that there was no cyber attack that led to the power failure. The sources also dispelled any impression that in the name of providing cyber security there was a "big brother" watching the citizens intruding into privacy.
The internet traffic in the country was of the order of 4,800 giga bytes, equivalent of zillions of calls and e-mails. Of this, 66 per cent is mobile phones with data connection. The sources said it was humanly impossible to go into every message or calls and so what the security systems do is to take an overall trend and go into any specific traffic which is suspicious.
There were also enough safeguards in the Information Technology Act to protect individuals' privacy and safety against misdeeds. They said the Cabinet has provided funds for undertaking research in various disciplines in this field.
A Cyber Security Board is also going to be set up in a month or so. Cyber Security Coordinators will be in place. Computer Emergency Response Team (CERT), the national nodal agency for responding to computer security incidents, plays a major role in dealing with the attacks. Cyber mock drills are also conducted to test the efficacy of systems.
A pool of security auditors were also there to advise institutions on cyber issues. Three labs have been set up in Bangalore, Kolkata and Pune in collaboration with private sector while 15 states have set up cyber security infrastructure.