September 15, 2015
An official statement from the ministry of home affairs says that India and Russia will form an 'expert group' on cybersecurity to jointly fight the threat of terrorism from the Islamic extremists such as Islamic State of Iraq and al-Sham(ISIS).
However, Indian security experts say this statement may be hype and prove impractical, unless a serious working model is established in tackling cyber terrorism. If such a group is indeed formed, security leaders suggest an agenda for it.
The discussion follows the meeting between home minister Rajnath Singh and his visiting Russian counterpart Vladimir Kolokotsev last week to discuss cybersecurity issues and ways to join hands to counter cyber terrorism.
"I don't see any synergy between the two countries about sharing cybersecurity skills," says Chennai-based Amar Prasad Reddy, Additional Director General, National Cyber Safety and Security Standards, and founder member of Recruitment Analysis Council. "Russians will first focus on protecting their environment, as they are very poor in information security skills.
"It's purely a bureaucratic gesture which is not very practical about implementing a working model," Reddy says.
Cyber Agreement
The two sides, which met on September 7, agreed to have an expert group on cybersecurity and counter-terrorism, sharing of experiences in specialized training and exchange of experts.
"There is a need for information exchange between India and Russia and monitoring IS activity, particularly in social media to counter the extensive propaganda being made in cyber space to combat online recruitment, said Singh.
Rajnath Singh condemned terrorism that poses a "serious threat" to the international community at large, calling it "a matter of serious concern."
But some cyber experts offer a different viewpoint.
"Will Russia share technologies and skills to enable India create its indigenous base for fighting cyber terrorism?" asks Coimbatore-based S N Ravichandran, cyber investigator and member of Cyber Society of India. "I'm skeptical about the partnership churning out an effective working model."
Besides, most terrorist activities against India are directed from neighbouring countries with whom Russia has a close relationship. Why would Russia jeopardize its interests, questions Ravichandran.
However, both sides discussed the six existing agreements in security cooperation and disaster management.
"The agreement (to ensure guaranteed supply of defence equipment, spare parts, product support and services needed for maintenance, repair and modernisation of Russian armaments for the Indian Army, Navy and Air Force), signed in 1993, on cooperation and interaction between Russia's ministry of security and India's home ministry is being revised and a fresh agreement formulated for Russia's consideration," said Singh.
While experts believe the partnership will further expose India's strengths and weaknesses to its adversaries through the Russians, Russia's Kolokoltsev emphasized working together against extremism and acts of crime in IT and high technologies.
Working Model
Security leaders expect the expert group to have a judicious mix of bureaucrats from various ministries and skilled cybersecurity experts.
Says Mumbai-based L S Subramanian, cybersecurity consultant and founder of NISE, security consulting firm for large banks and enterprise, since the group has a two-pronged objective (cybersecurity and counter terrorism), it should comprise senior government officials from the ministry of home affairs, defence, communication and information technology, external affairs and finance. Russia could have its corresponding counterparts.
"There could be smaller working groups based on cybersecurity and counter terrorism; the ministry of finance is included because money is the motive for crime and the fuel for terrorism," says Subramanian.
NCSS's Reddy argues that having the group represented by bureaucrats wouldn't help, while it's critical to have industry experts involving every sector.
"A core subcommittee should be formed at the state level too under the principal group to handle inter-state cybercrime," he says.
The debate follows India's Union Home ministry's frequent statements on forming an expert panel to devise a road map to tackle cybercrime, without much thought about its modus operandi.
India's Union Home ministry had announced forming a five-member expert group of leading academicians and professionals to tackle cybercrime late last year. It included CDAC (Pune) Director-General Rajat Moona; Prof. Krishnan from Indian Institute of Science, Bengaluru; CERT-In Director-General Dr. Gulshan Rai; Manindra Aggarwal of IIT-Kanpur and D. Dass of IIIT-Bengaluru. Joint Secretary (Centre-State) Kumar Alok will be the convenor. The announcement faced criticism from the cybersecurity fraternity, which felt most members lacked hands-on experience in tackling cybercrime.
Expert Group's Agenda
However, critics hope the two governments have given much thought to jointly tackling cybercrime.
Ravichandran believes that despite paucity of resources, Indian security agencies have shown time and again their ability to engage with terrorists.
"Any cooperation should be tempered with realism and a healthy distrust of all intentions, friends or foes. Cybersecurity requires looking the gift horse in the mouth," he says.
Experts say the immediate agenda could be countering the ISIS; it could morph into other areas of operations, long-term.
"Address tackling ISIS as a priority, as India has the world's second largest Muslim population - ISIS could lure and recruit them easily; similarly, Russia has many provinces with significant Muslim populations and ISIS could hire them," says Subramanian.
Most believe a separate law enforcement group for cybercrime and cyber-attacks is critical, and the road map should recognize the cybercrime challenges of law enforcement agencies.
The discussions between the two leaders also included law enforcement activity in Russia and India and related measures to tackle extremism.
"I'd expect intelligence sharing between the two countries, transfer of technology knowhow and specialized training in building cybersecurity skills and formation of joint teams for tackling cybercrime and terrorism," says Subramanian.
No comments:
Post a Comment