Strengthening India’s Cyber Infrastructure


By Tajah McCray 
 
Globally and throughout India, cyber-attacks have increased creating concerns about the safety of Indian data targets.  As the use of technology spreads, India must ensure awareness of cyber-attacks to minimize any future damage.  Additionally, it’s essential that Indian citizens adopt quality cyber hygiene standards to protect the country’s cyberinfrastructure. To supplement their cyber defenses, the United States and India should renew and strengthen the Framework for the U.S.-India Cyber Relationship which is due to expire at the end of August 2021.
 
In 2020, The Indian Computer Emergency Response Team (CERT-In) handled over 1.5 million cyber incidents and found a surge of cyber-attacks from China.  Currently, phishing is one of the biggest threats that internet users face.  Phishing occurs when actors send an email to an audience to manipulate citizens into providing sensitive information such as personal or company details.  In 2020, 75 percent of organizations around the world experienced a phishing attack and 96 percent of phishing attacks arrived by email.  

As of 2020, India’s internet penetration rate reached an all-time high of 50 percent and the government of India continues to promote greater delivery of public services digitally.  The Digital India platform has contributed to the growth of internet connectivity throughout India.  

To protect the overall cyberinfrastructure of India, organizations have online workshops and vulnerability assessments to inform citizens and secure cyberinfrastructure.  For example, India’s Ministry of Electronics and Information Technology developed the information security awareness website.  The website provides over 1,000 workshops tailored to inform government, academic, and general internet users about software security, popular attacks, and computer terminology.  
 
While these efforts are beneficial, India can take additional steps by adding the points below to the U.S-India cyber framework: 
  1. Promoting cyber hygiene:  As noted in the India-U.S. Information Security Summit, 2004, governments can encourage cyber hygiene and cyber ethics among their citizens from an early age which allows each state to maintain a uniform and secure cyber structure. Further, bilateral cooperation to protect citizens should not rest solely with U.S. and Indian federal governments. Efforts should be made for subnational governments to share best practices and ideas, too.  
  2. U.S-India cyber recovery plan:  The United States President’s budget in 2020 included $17.4 billion for cybersecurity-related activities whereas India's cybersecurity budget stood at $4.3 billion.  Many American firms utilize data centers and technology partners in India. A meaningful U.S. cyber recovery plan must include cooperation with India due to the two countries’ digital integration.
  3. Implementing secure 5G deployment: In May 2021, India announced that it would allow mobile carriers to carry out 5G trials.  While 5G will offer huge benefits, it has more potential entry points for attackers due to the less centralized nature of its architecture. Therefore, India and the United States should create a U.S-India toolbox on 5G similar to the EU Toolbox on 5G.  The toolbox sets out measures to strengthen security requirements for 5G networks, applies relevant restrictions for suppliers considered high-risk, and ensures the diversification of vendors. There is a convergence of threats, so collaboration in securing this emerging infrastructure should have direct benefits to both nations. 
The Framework for the U.S.-India Cyber Relationship holds great promise as a foundational document to work collaboratively on bilateral and multilateral cyber matters.  While the framework has underperformed, it must not be allowed to lapse in August 2021.   
 
As the use of technology and cyber-attacks increases, India and the United States must renew and strengthen the framework for the U.S-India cyber relationship, especially since both nations face common cyber threats that often come from common sources.   
 
Tajah McCray is an intern with the Wadhwani Chair in U.S.-India Policy Studies at CSIS