Home Ministry to Tackle CybercrimeExpert Committee Submits Recommendations; Leaders Respond
An expert group created by the Ministry of Home Affairs last December submitted its "Roadmap for Effectively Tackling Cybercrimes in the Country" to union home minister Rajnath Singh this week after examining global practices on cybercrime prevention.
Cybersecurity experts welcome the report and offer suggestions on areas that need immediate attention in tackling India's cybercrime.
Mumbai-based Prashant Mali, president, Cyber Law Consulting, says, "The priority should be to develop IT infrastructure like forensics tools, servers, operating system, high-end training, telecommunications center, high speed and cascading internet lines."
In a statement released by the home ministry, Rajnath Singh says, "The team must work towards immediate processing and implementation of the report, given that India, with a fast-growing economy, is susceptible to international and domestic cyber-attacks, and there is a need to ensure a cybercrime-free environment."
Nuances of the Report
The five-member expert study group included: Dr. Gulshan Rai, National Cyber Security Coordinator; Professor N. Balakrishnan, Indian Institute of Science, Bangalore; Dr. Rajat Moona, Director General, Center for Development of Advanced Computing (CDAC), Pune; Shri B.J. Srinath, Director General Cert-In; Dr. Manindra Aggarwal, Professor Computer Science, IIT Kanpur; Dr D. Das, Professor IIIT Bangalore; and Shri Kumar Alok, Joint Secretary (Centre State).
While the report details are not made public, some key aspects related to security were shared with the news media. Recommendations include:
- Setting up a Cyber Crime Co-ordination Centre at the national level, having branches across all states with an investment of $85 million, increasing by 40 percent annually;
- ICCCC would partner with Crime and Criminal Tracking Network & Systems and National Intelligence Grid to access databases that have information related to crime and criminals;
- Advance Application for Social Media Analytics to monitor social media platform activities related to Ministries of Home, External Affairs, Defence and other government organizations;
- Capacity building and cyber education for parents;
- Close monitoring of online shopping and social networking websites;
- Reduced dependency on foreign servers and ensuring one dedicated secure gateway for all government communication.
"Given the increase in criminal and other activities on the internet which directly impact the general public, particularly women and children, establishment of appropriate infrastructure to redress such grievances in a convenient and time bound manner is critical," Rajnath Singh says.
Delhi-based Dr. Triveni Singh, additional superintendent of police, Special Task Force, UP Police, says the report must specify exactly the critical areas and modus operandi to handle such cases with specifications on the section of the IT Act.
Cyber Experts React
Cyber experts commend the cyber panel's move in setting up an independent body in tracking cybercrime.
But, says Singh, there's no clarity on the CCC centre's role on forensics and capacity building of police forces in states.
"The government should mandate the cybercrime centre to support all state law enforcement agencies in handling all kinds of cybercrime," says Singh.
Singh questions whether the government is working toward building skills of cyber investigators and mobile forensic experts - most critical in tackling cybercrime.
Most experts say the centre must impart training and knowledge to the police force, forensic examiners and security teams on detecting attempts of international gangs to penetrate Indian government official communication networks and hack them.
The committee's recommendation on budget allocation also raise a debate.
Mumbai-based Dinesh Bareja, principal adviser-IS practice at Pyramid Cyber Security and Forensics Pvt. Ltd & member of Open Security Alliance, says there's no clarity on how the budget will be allocated or spent. "I believe that major focus must be on monitoring tools and mechanisms to check attempts of hacking into government infrastructure and information sourcing," says Bareja.
Prashant Mali says the priority should be on maintaining cybercrime incidents and tracking data leakage in coordination with the police and private sector. "I hope the committee's recommendations include maintaining links with Interpol and Europol for sharing data expeditiously and making stringent auditing procedures for cybercrime investigation in the country," Mali says.
Mali says it's critical to employ well-trained techno-legal staff with international exposure and good data compilation and analytical skills.
Capacity Building through PPP
A primary objective of the expert panel, Rajnath Singh maintains, was to recommend partnerships with the public and private sectors, NGOs, international bodies and international NGOs.
However, experts believe the report doesn't indicate the PPP model being executed in its full capacity.
UP Police's Singh says, "The ministry must make procedures to legally outsource forensic investigations and skill development to qualified private parties and sanction required budgets."
The biggest challenge is scarcity of trained cybercrime resources, says Singh. "In the entire state of UP, there are just 12 staff members including inspectors, sub-inspector and constables to handle cybercrime as part of the UP special task force." How will we take up such a huge task of checking the country's cybercrime, he questions.
Experts argue that a central act must come into effect to handle public and private partnerships in setting up a unit at the state level.
"The ministry must leverage PPP model to enhance policing skills, analytical skills, skills around understanding criminal psychology and new technologies among the staff and also bridge the talent gap," Bareja says.
The home minister urges officials to come up with a concrete proposal regarding infrastructure, research, a people-friendly interface so that the matter could be considered at the highest level in a well-defined timeframe.
"A systematic approach to develop talent around monitoring cyberspace, create cyber informers who can send alerts to various departments and help them take necessary legal action must be taken up as a unique model," Singh says.