Cyber Review

Cyber Review

Date: September 03, 2022

The much-awaited Indian National Cyber Security Strategy is likely to conceptualise a “No First Use Policy” against state entities in Cyberspace, as part of an Assured Defence Posture (ADP) and “deterrence by retaliation”. India has adopted several institutional and regulatory reforms in a “whole of nation approach” to strengthen its defensive posture. Among these measures, the National Security Directive on Telecom sector (NSDTS) has strengthened network security by stipulating that all products connected to the telecom network of India have to be procured and adopted from trusted sources.

Notwithstanding, India continues to be a major target for cyberattacks by state-sponsored Chinese criminal gangs. Multiple vulnerabilities are also reported in the software and hardware deployed by global companies in India, that can let hackers gain access to their computers, prompting CERT-In to issue advisories.

The controversial Data Protection Bill 2021, introduced in the Parliament in 2019, was officially withdrawn during the month. The Government is working on a new comprehensive framework of global standard laws, including Digital Privacy laws, that address contemporary and future challenges.

The spectrum auction for 5G that ended during the month was immediately followed up by necessary payments by telecom service providers (TSP) and the formal assignment of spectrum to respective TSPs, to speed up the rollout of 5G. Besides the auctioned airwaves, E-band airwaves (71-76/81-86 GHz) were provisionally allotted via the administrative route for backhaul needs.
TSPs have partnered with telecom gear makers and chip makers for their respective networks to develop an ecosystem that can serve the needs of India and beyond. An internal committee has been formed to work out a strategy to incorporate 37.0-42.5 GHz (Millimetre Wave Band) as international mobile telecommunications (IMT) bands, which will allow telecom companies to offer 5G fixed wireless access services. Enterprises willing to set up private networks are to be allotted spectrum directly from DoT.

The Supreme Court took on record the report of the expert technical committee it had constituted to investigate allegations whether the Israeli-built spyware Pegasus was used for unauthorised surveillance. The preliminary findings revealed no conclusive evidence that Pegasus was used on the 29 phones examined by the committee. 

A Stanford Internet Observatory report revealed that as part of multiple covert campaigns, troll farms are using deceptive tactics to promote pro-Western narratives to social media users in the Middle East and Central Asia, for promoting the interests of the United States and its allies while opposing adversaries like Russia, China, and Iran.

Ukraine’s nuclear operator “Energoatom” reported an "unprecedented" cyberattack on its website by a Telegram channel called 'Popular cyber army,' allegedly sponsored by Russia. The cyberattack came as tensions flared over the Zaporizhzhia nuclear power plant which is one of Ukraine’s four nuclear power stations that supplied around half of its electricity needs before the “Russian Special Operation”.

Cyber Security firm Trend Micro reported that a China-linked cyberespionage group “Iron Tiger” was observed using the compromised servers of a messaging app for targeting hundreds of organisations worldwide for cyberespionage purposes, mostly from Taiwan.

Chinese search engine giant Baidu has unveiled its first quantum computer named "Qianshi," with a 10-Qubit processor, that has been made available to external users. Global governments and companies, competing for technology supremacy, are reportedly likely to invest around $16.4 billion in quantum development by the end of 2027.

The US President signed the CHIPS and Science Act of 2022, amid competitive concerns with China over semiconductor manufacturing and technological capabilities. The Act represents a fundamental paradigm shift in the US government policy regarding subsidising this strategic sector, which has spurred technology companies to invest ‘on shore’ for semiconductor manufacturing.

India conducted a Cyber Security Exercise “Synergy” for 13 countries as part of the International Counter Ransomware Initiative (CRI)- Resilience Working Group. National Crisis Management groups of these countries participated in the exercise.
%u200B
The United States and Israel announced the finalisation of a bilateral Memorandum of Understanding ('MoU') on Cybersecurity Cooperation.