File Copyright Online - File mutual Divorce in Delhi - Online Legal Advice - Lawyers in India

National Security Issues In Cyberspace

We are all living in the digital era. All our daily activities either partially or totally depend on digital devices or Internet. Every Organization whether it is government or non-government and individuals rely on the usage of computer networks, systems and related technologies. Most of our daily routines, including both personal and professional activities, depend on digital devices connected through public and private networks and the Internet.

A country's wellbeing is determined by smooth functioning of its financial, bureaucratic, defence, public service and social infrastructure and this infrastructure in present era is totally dependent on cyberspace. In order to ensure the national security it is mandatory to secure cyberspace because cyberspace protection is not a choice anymore, it has become compulsion. Before talking about cyberspace and its security we need to understand various technicalities surrounding it. This project is an attempt to understand all those technical and theoretical aspects.

We are living in an Information age where data is oxygen. This information age rotates in the arms of a virtually created space which is known as Cyberspace. Though cyberspace has proved to be very advantageous for human development as it has abridged the gaps between people living on the entire earth. It has facilitated economic activities (like financial services, e-commerce), Public infrastructure development (like smart cities, smart roads, highways, smart police stations and various transport facilities like railways, seaways and aviation), defence and critical infrastructure. But on one hand it has facilitated easy access on the other hand it has posed security threats to critical, public and defence infrastructure in the form of various types of cyber attacks by enemy countries and terrorist organizations and criminal groups.

Illegal activities in cyberspace has posed serious threats to national security and various developed as well as developing countries like India are coming up with cybersecurity strategies to cope up with this serious situation. This project discusses about theoretical aspects of cyberspace as to what constitutes cyberspace, what are its characteristics, it also talks about various types of cyber attacks and strategies therein and stakeholders to counter and control illegal acts on cyberspace.

Rationale And Significance Of Study
Cyber space and cyber security in today's world have become the inseparable part of human society, that is why it is important have knowledge about various security prepositions and security threats because any activity on Cyberspace has a huge potential to affect the lives of common people. Cyberspace has become the cheapest weapon in present era. Also a new epoch of information warfare has emerged. All automated and semi-automated systems span around Information and Information is the major resource of an Organization. No organization can survive today in the digital era without a proper Information system in place.

An Information system contains details regarding software, hardware, data, people and procedures. Sometimes processes and essential system elements like environment, boundary, purpose, and interactions that surround are also considered as part of an Information System. Organizations are highly influenced by Information systems to do their business in a modernized way. So looking at all these aspects protecting and planning to protect Cyberspace has become a need of an hour. This study tries to analyse various national security threats in cyberspace and efforts therein to counter these threats.

Objectives And Scope Of The Study
  • To study about Cyber space and its constituting elements.
  • To analyse various types of cyber attacks and the ways in which they are carried out
  • To study as to how cyber attacks are threat to national security
  • To study efforts taken up government and authorities to deal with cyberspace chaos
This study is an holistic analysis to cyberspace, cyber attacks, national security issues related to cyber space and various strategies formulated to counter cyberspace issues.

Limitations Or Research GAPS
There is a plenty of material is available in order to understand Cyberspace and Cybersecurity issues at global level but in Indian context there is a lack of holistic analysis as to what are the main problems related to Cyberspace in India context, because in India number of internet users are high and knowledge about cyber issues is pretty much less.

Also when we analyse the issue of Cyber attacks there are lot of technicalities involved which are difficult to understand that's why some issues and topics are just touched upon and not discussed in detail as it also enhances the bulkiness of the project.

Research Methodology
While researching doctrinal method of research is used and the material for analysis is collected primarily internet sources like various articles, reports, strategies and government and other websites.

Research Questions
  • What is Cyberspace?
  • What are constituting elements of cyberspace?
  • What are Cyber attacks and how they are carried?
  • What are national security issues in cyberspace?
  • What is Indian attitude towards national security in Cyberspace?
  • What is Cyber security?

Literature Review
This project analyses various websites for technical as well as quantitative analysis of multiple aspects. Along with websites some major research papers and articles were also followed in order to prepare complete outline of the project.
  1. Bhardwaj, Sandeep. Security in Cyberspace: India's Multilateral Efforts. Shaping the Emerging World: India and the Multilateral Order, edited by Waheguru Pal Singh Sidhu et al., Brookings Institution Press, 2013, pp. 217-36,
    This article very succinctly discusses about the journey of cyber security in India from First Internet connection to modern day cyber security strategies
  2. Maj Gen Mallick, VP. Cyber Security in India, Present Status, Vivekananda International Foundation,

    This article provides a balanced analysis of various cyber security authorities in India and stepd taken by Indian administration in the field of Cyber Security.
  3. Aiyengar, SSR, National Strategy for Cyberspace security, Centre for Land Warfare Studies,
  4. Parmar, Sushma Devi, Cybersecurity in India: An Evolving Concern for National Security, Central University of Gujarat,
    These papers talks about various types of threats to Indian cyberspace and it also provide a profound analysis of various attacks and strategy of Indian authorities to ensure Cyber security.
  5. Patel, Kathan and Chudasama, Dhaval M, National Security Threats in Cyberspace, IndrashilUniversity,
    This research paper is data based analysis of threat perceptions and solutions therein for Cyberspace security in India.
  6. Yilmaz, Senol (Shen), and Kah-Kin Ho. Securing Cyberspace: Whose Responsibility? Cybersecurity: Some Critical Insights and Perspectives, edited by Damien D. Cheong, S. Rajaratnam School of International Studies, 2014, pp. 37-42,
    This paper talks about vulnerabilities of critical infrastructure and role of government and the need Public-Private-Partnership in order to ensure cybersecurity.
  7.  Mohan, Arun and Sharma, RK, The Cyber command: Upgrading India's National Security Architecture, Observer Research Foundation,

    This paper tries to give a comparative analysis between cybersecurity policy strategies of USA, China and India and draws out various threat perceptions.
  8. Reveron, Derek S. An Introduction to National Security and Cyberspace. Cyberspace and National Security: Threats, Opportunities, and Power in a Virtual World, edited by Derek S. Reveron, Georgetown University Press, 2012, pp. 3-20,
  9. Fanelli, R. Cyberspace Offense and Defense. Journal of Information Warfare, vol. 15, no. 2, Peregrine Technical Solutions, 2016, pp. 53-65,
    Both of these articles tries to explain as to what are the constituents of cyberspace and how it can be weaponised. These articles also talks about vulnerabilities of cyberspace and threats to cyberspace.
  10. Shiv Raman, Nidhi Sharma. Cyber Terrorism in India: A Physical Reality Orvirtual Myth. Indian J Law Hum Behav. 2019;5(2): 133-140. Available at URL:
    This article is an analysis of reality of Cyber terrorism in India and also talks about various incidents of terrorism.

Cyberspace: Theoritical And Technical Explanation

We are all living in the digital era. All our daily activities either partially or totally depend on digital devices or Internet. Every Organization whether it is government or non-government and individuals rely on the usage of computer networks, systems and related technologies. Most of our daily routines, including both personal and professional activities, depend on digital devices connected through public and private networks and the Internet.

Where do we operate, and which connects us? These are the major questions that most of us raise when we think about the way we use Internet and other resources for communication. The answer is: Cyber Space. Cyber Space is the virtual space that connects all of us and enables the information exchange, necessary to support interactions in the digital era.

More specifically, Cyberspace can be defined as, the virtual space that provides the infrastructure, electronic medium and related elements necessary for online global communication. Cyberspace is a virtual space technically created by human beings. It can be thought of as the second life space where human beings operate for social interactions, entertainment, business operations as well as for personal activities and interests.[1]

Cyberspace no longer implies a virtual environment. However, the incorporation of digital technology possess a large variety of competences like sensors, signals, connections, transmissions, processors, and controllers that are necessary to create a simulated interactive experience through Cyberspace. Simulated environments can also be created in the Cyberspace for a virtual experience.

The term cyberspace is derived from the word cybernetics which in turn is extracted from ancient Greek word kubernētēs, that refers to steersman or to give direction. Recent years have seen a wide proliferation of context-dependent suffixes applied to cyber.

The term cyberspace first came into existence in various contexts in visual arts and science fiction during 1940, 1960 and 1984. However, the first reference was made by the founder of Electronic Frontier Foundation, in the year 1990 and later in 1991 by Mr. Benedict, which is close to the existing relationship of computer and telecommunication systems.
Since Cyberspace is a common domain where everyone can operate and no one can own or govern, there are many trespassing happening. Therefore, it is necessary to understand the levels of Cyberspace. Cyberspace operates at two levels.

First is Core Cyberspace which covers all electronic devices, the transmission medium or connecting medium, the control codes, the operation codes, software used to handle them and finally the data. This is the place where all of us operate. Second is Extended Cyberspace which covers everything that surrounds the core. Anybody can access the core through this extended space. For example, an automated car or a smart appliance operated through remote control, through this Cyberspace. That is, one gets the control of core only through extended cyberspace.[2]

Extended cyberspace is very attractive to new generation of intruders, including government hackers for Cyber warfare. That is Cyberspace provides a battle space to target government, business organizations or a Nation's critical Infrastructure. It may provide an informal access, if the security system is not in place. Whether Cyberspace is attractive or not, it is all about how people choose to use it.[3]

Cyberspace has a very wider connotation and have several components like Physical infrastructure and telecommunication devices, Computer systems and related software, Networks connecting computer systems and devices, Network of Networks or Internet, User and intermediaries Access nodes, and Constituent Data.

These components can be understood from an example like (if a person wants to send a message or picture to another person, he needs the following: first of all, a device for him to send and for the other person to receive, a network for connectivity, a software or protocol to facilitate the exchange, a space or a global mechanism for seamless integration of all, the intermediate elements that do the smooth transfer from one end to other end and finally what is being transferred that is - data (message, picture, audio, video or a combination of all).

The components of Cyberspace can be arranged on different levels. The level on which cyberspace operations are conducted is determined by three layers. First one is Physical Layer which Comprises the components of physical and geographical network. It is the means through which data travels. Second is Logical Layer which Contains network elements that are associated with each other which are distant from the physical network. It also indicates the structure of connection of the physical components. Third is Cyber Personal Layer which Involves the people actually present on the network.

The Cyber Domain created by Cyberspace is generally chracterised by 5 main characteristics i.e Connectivity, Virtuality , Expansion, Ambiguity and Interactivity. Ultimately cyberspace provides collaborative and virtual space for a wide range of participants. These five features make Cyberspace inherently uncertain and complex.

Driving forces of Cyberspace are Time, which is Vital and irreplaceable, for everything Action, preparation, realization takes time but in cyberspace, actions occur in the blink of an eye. Space, which is Interlinked with time into a complex tapestry and the Initiation of Cyber-attack is from digital battle space. Efficiency, the key efficiency element in cyberspace is that simultaneous actions in different dimensionalities are performed by the operators.

Asymmetry, which carries the idea of Opponent's weak point exploitation by claiming competitive advantage in the most optimal way. Asymmetrical warfare opportunities are the sources created by cyberspace. Anonymity Cyberspace and its operations are to be identified difficult to detonate the location of the operator with their identity found in cyberspace.[4]

Cyberspace is generally confused with Internet but they are altogether different . Internet is an inter-connected network. It comprises of a large number of world-wide computers connected in a network to facilitate communication and data exchange. It makes use of the TCP/IP protocol suite for data transmission and exchange. Therefore, Internet provides the technical platform for communication and actions through well-defined standards of operations.

The Internet links smaller or larger networks of computers, servers and other personal devices that exist within the scope of Internet. However, Cyberspace is a symbolic and figurative space that exists within the Internet and supports a multitude of business, government and social interactions through information exchange. Cyberspace derives more from the decisions made at the cognitive level rather than through the operation of physical systems.

The design of the Internet results in a cyberspace that is built out of components and provides services designed to form more complex services. Data exchanged in Cyberspace can be in the form of text, audio, video and image. Internet is a 50-year-old technology. Starting with the military applications, it was widely used as a tool by the academicians and researchers to exchange data easily.

After digital communication revolution, introduction of TCP/IP protocol, Domain Name System (DNS) and Addressing methods made the Internet available to all devices and all types of users. Due to privatization and commercialization, Internet started developing rapidly. Rather, Internet simplified the operations of the organization by killing the distance.

Therefore, Cyberspace and Internet vary in terms of their meaning, definition and operations. The term cyberspace has led to the introduction of other words like, cyber security, cybercrime, Cyberwarfare, cyber terrorism and cyber espionage. Initially the terms cyberspace and cyber security were used widely in the academic circle.[5]

Various Types Of Attacks On Cyberspace And Attacks Through Cyberspace

Gone are the days when wars were fought with tanks, guns and missiles, today we are in a Fifth generation of warfare where data is the oxygen and warfare is all about information and strangulation of data. National security of any country in todays time is not limited to securing physical borders and space but it has extended to protecting virtual space also which known by the name of Cyberspace. National security depends upon economy, society, social media, national institutions etc.

In a vast country like India where Internet controls the mobility of country in every sense, anarchy and chaos can be created by the enemies if they manages to control cyberspace, that's why it is necessary to protect cyberspace from persistent attacks.[6] In order to ensure cybersecurity we need to have a thorough knowledge about the enemy i.e cyberattacks and its various classifications and types.

As of October 2018, there are 4.2billion active Internet users worldwide and 3.4 billion people are active in social media. Most of them rely on Internet technology to carry out many of the day to day works such as shopping, banking and communications. Governments and business organisations are increasingly automating their day to day activities, which has led to an increase in cybercrimes and cyber-attacks.

These attacks include financial scams, hacking, downloading copyrighted content, Illegal pornographic content, virus attacks, cyber stalking and hate crimes against minorities and LGBTQ communities. The Morris worm[7] (1988) is the first known major cyber-attack which used a weakness in the UNIX system noun and replicated itself. The worm was developed by Robert Tapan Morris who became the first person ever to be convicted under the US computer fraud laws.

Cyber-attacks can be defined as a deliberate exploitation of computer systems, resources, networks and technology connected through World Wide Web. In order to execute a cyber-attack, malicious code or logic to alter the actual code or data are used. This will result in compromised data. The compromised data leads to cybercrimes such as information and identity theft and other outcomes such as fraud, extortion, malware, Pharming, phishing, spamming, spoofing, spying, denial of service and distributed denial of service and theft of hardware, instant messaging abuse and intellectual property theft.[8]

Network attack or cyber-attack is nothing but an interruption of authenticity or integrity of information or data. Misconfigured system and the system that has poor security control are scanned in the process of hacking. Once the hacking is done, the infected system acts as spy and disrupts other systems in the network. It can be remotely operated by the hacker and the commands are passed to it.

The activist looks for the flaws in the infected system so that other systems can be infected via this system such as deficient in antivirus, bugs in software and flawed system configuration. Basically, cyber-attack hacks or steals the data or information from any organization in any sectors. Some common characteristics behind the act are, Regimented, Scrupulously designed or Harmonized, Demanding Time and Resource, Enormous, Organized and Not spontaneous or ad hoc.

Cyber-attacks are growing stronger and more sophisticated.

The below three are basic categories of attack [9]

  1. Volume-based attacks - Volume based attacks use high traffic to flood the network bandwidth
  2. Protocol attacks - Exploitation of server resources is the cause of Protocol attacks
  3. Application attacks - Application attacks are serious types of attacks and they focus on web applications and these are considered to be the most sophisticated attacks

Cyber-attacks mainly target the information or data of various platforms which includes financial organisation websites, News and media websites, military/defence department websites and Government websites[10].

The motivation of cyber-attacks involves:

  1. Obstruction of Information
    Whenever there is a need for specific data or information from any organization or from any websites the main aim of the hacker is blocking the access to that important information. With the authorized user's identity, the attacker blocks the access to the information and further compromise the capability of the organization for upcoming events.
  2. Denigration in the Reputation of the country
    The motivation for the cyber-attack is to degrade the reputation of the organization intern and further the country. Every country has the competencies due to technological development. This improves the countries productivity and values among other developing countries. To damage this, large scale cyber-attacks are launched through the networks.
  3. Denial in providing public services
    An attacker can cause disruption in any domains such as stock markets, banking, airline services and railway services by blocking access to valuable information for any authorized users in their organization.
  4. Smashing up legal Interest
    The well recognized organization's networks are smashed up to get the benefit of their favoured organization is one the known motives for cyber-attack. To deal with such scenarios the well-defined security goals must be present in the organization.
  5. Counter International cyber security measures
    The hackers who initiate the cyber-attacks are mainly concentrating to challenge or defeat the initiatives or measures taken by the international cyber security community to stop and prevent the cyber-attacks. The attackers do this by hiding their malicious code within some normal program to bypass the security scan and also, they increase the complexity of their attack patterns.
  6. Retardation of decision-making process
    In emergency services, military and services the cyber-attacks play major role. It causes delay in decision making processes like activation of life support system in hospital which may cause death of patients and the tactical deployment in military defeats.
  7. Abatement of public confidence
    Public lose their confidence about the safety, security and trustworthiness on the organization due to the stealing or hacking of their information.

Classification of Cyber Attacks[11]
Based on Purpose
  •  Reconnaissance Attack
  • Access Attack
  • Denial of Service Attack
Legal classification
  • Cyber Crime
  • Cyber Espionage
  • Cyber Terrorism
  • Cyber War
Based on severity of Involvement
  • Active Attacks
  • Passive Attacks
Based on Scope
  • Malicious Large-Scale Attack
  • Non-Malicious Small-Scale Attack
Based on Network
  • Attacks in MANET
  • Attacks in WSN

Name of the attack Description Examples
Reconnaissance attack It involves unauthorized detection system mapping and services to steal data.
  1. Packet Sniffers
  2. Port Scanning
  3. Ping Sweeps
  4. DNS (Distributed Network Services) queries
Access attack It is an attack where intruder gains access to a device to which he has no right for access.
  1. Port trust utilization
  2. Port redirection
  3. Dictionary attacks
  4. Man-in-the-Middle attacks
  5. Social engineering attacks and phishing
Denial of Service (DoS) attack It is the Intrusion into a system by disabling the network with the intent to deny service to authorized users.
  1. Smurf
  2. SYN Flood
  3. DNS attacks
  4. DDoS (Distributed Denial of Service) attack
Cyber crime It is the use of computer and Internet to exploit users for materialistic gain.
  1. Identity theft
  2. Credit card fraud
Cyber espionage It is the act of using the internet to spy on others for gaining benefit.
  1. Tracking Cookies
  2. RAT Controllable
Cyber terrorism It is the use of cyber space for creating large scale disruption and destruction of life and property.
  1. Crashing the power grids by al-Qaeda via a network
  2. Poisoning of water supply
Cyber war It is the act of a nation with the intention of disruption of another nation's network to gain tactical and military advantages.
  1. Russia's war on Estonia (2007)
  2. Russia's war on Georgia (2008)
Active attacks It is the attack of data transmission to all parties thereby acting as a liaison enabling server compromise.
  1. Masquerade
  2. Replay
  3. Modification of message
Passive attacks It is the attack which is primarily eavesdropping without meddling with the database.
  1. Traffic Analysis
  2. Release of message contents
Malicious attack It is the attack with deliberate intent to cause harm resulting in large scale disruption.
  1. Sasser attack
Non-malicious attack It is the accidental attack caused due to mis-handling or operational mistakes with minor loss of data.
  1. Registry corruption
  2. Accidental erasing of hard disk
Attacks in MANET This attack aims to slow or stop the flow of information between the nodes.
  1. Byzantine attack
  2. Black Hole attack
  3. Flood Rushing attack
  4. Byzantine Wormhole attack
Attacks on WSN It is an attack which prevents the servers from detecting and transmitting information through the network.
  1. Application Layer Attack
  2. Transport Layer Attack
  3. NetworkLayer Attack
  4. Multi-Layer Attacks

Another types of threats and most commonly used attacks are Malware attacks. Malware is also known as malicious software is unwanted software that is installed in the system without the knowledge of the user. A genuine code is attached with the malicious program and broadcasted. It duplicates itself in the global network i.e., Internet. The most common types of malware are :- Macro Viruses, File Infectors, Boot-record/System infectors, Polymorphic viruses, Stealth viruses, Trojans, Logic bombs, Worms, Droppers, Ransomware, Adware and Spyware.[12]

Now after looking briefly at possible types of attacks in a certain technical way we also need to look at type of threats to network security.
There are four type of threats to network security [13].
  1. Unstructured Threats
    In this type of threats easily available hacking tools such as password crackers and shell scripts are used by inexperienced individuals. Unstructured threats still do serious damage to a company. These types of threats are performed to prone the hacker's skills. For example, the truthfulness of the company is damaged when the company is hacked. Public think, the website is not safe, and it is not safe to do business.
  2. Structured Threats
    In Structured Threats, the technically competent and highly motivated hackers provoke the threats. They understand system vulnerabilities and develop exploit code and scripts. To penetrate unsuspecting businesses, they understand and develop and use sophisticated hacking techniques. They are regularly involved in major fraud and theft cases which are reported to law enforcement agencies.
  3. External Threats
    External threats are raised outside the company by an individual or by any organization. They have limited or no access to the computer/network. They mainly work from the Internet or dialup access servers by their own way.
  4. Internal Threats
    Internal threats take place when someone has physical access to the network with an authorized account access or server access. This type of internal threats is happening because of misuse of the account up to 60 to 80 percentage that are generally reported by the FBI. Based on these types of attacks, exploits and threats which are evolving various terms are also identified to describe them. Few of the most common terms are as follows: Hacker, Cracker, Phreaker, Spammer, Phisher, White hat and Black hat.

Cyber Security And Solutions Therein In Order To Ensure National Security

National Security Issues In Cyberspace

In a short span of time the society has completely shifted to cyberspace and when we talk about the word society it basically includes companies and individual entities. The economies of nations are to a large extent dependent upon cyberspace but at the same time malicious activities through cyberspace has also penetrated in this Virtually created social system.

In today's time terrorist need not to get a physical space to recruit and train people to fulfill their disastrous goals they can easily peep into cyberspace and exploit financial, strategic, defence, intelligence and public infrastructure services of the Nations. Recently national security advisor of India Mr. Ajit Doval has specifically stated that the next generation war is a war of civil society that will take place through cyberspace.

In 2011 President Barack Obama released the international strategy for cyberspace which put forward three characteristics of cyberspace first one is that cyberspace provides opportunities for Innovation and that is why people trust it so much. Second is it is globally interoperable. Third one is it is reliable. But in today's scenario reliability should be checked at the instances of national security threats. Gone are the days of warfare where military is used to fight, it was before predicted in 1990 that the 21st century war will be a cyber warfare and today we see that various non state actors like hackers, intelligence services and illegal groups which carry out illegal activities are the major threats to National securities.

Major discussion regarding National security threats started in 2008 when Russia invaded Georgia where on one side Russian tanks and aircrafts were entering Georgian territory and on the other hand the defence Ministry of Georgia was attacked by cyber Warriors from Russia, it created a situation of confusion among Georgian administration and it disrupted the whole national security policy of Georgia.

Another attack that stunned the whole world was in 2010, Stuxnet which was the first worm which was specifically invented and formulated to carry out consistent attacks on industrial control systems this worm posed a great threat to power plants control systems, communication systems, factories and hijack their systems.

Iran's nuclear facilities were also attacked and its leads to decline in the pace of nuclear program of Iran. General Keith Alexander, head of US cyber forces stated in his statement that future militaries would not fight at physical spaces but it will fight at cyberspace and it will definitely target security personals, various National infrastructure and strategic equipments and it will also disrupt the combat capacity of its enemies that is why we need to protect our national security and for that purpose we need to enhance our cyber security.[14]

From the very initial the policy of American defence strategists was to treat cyberspace as a dynamic domain and it also stressed on the need of enhancing the accessibility, organising and training and equipping people so that in the time of need the US department of Defence can take advantage of potential of cyberspace. Second thing was they wanted new Cyber concepts and highly secured operating systems so that informations, data networks and Systems, of Defence ministry or can be protected.

They also stressed upon public private partnership model to enhance cyber security. They also moved forward for International alliances and to collaborate with them in order to build a robust mechanism for international cybersecurity as well as national security. They also stressed to prepare huge cyber workforce and technological innovation in the field of cyberspace so that when there is a need this workforce can be used side by side to Defence forces and counter intelligence forces.

Though the word cyberspace was coined in 1982 by William Gibson in his short story but the initiation of cyberspace activities started way back in 1990 when world wide web was introduced to the world when we today analyse the importance of protecting cyberspace we can easily correlate to the definition of cyberspace which was put forward by Bush administration in 2003 who described it has a large connectivity of computers service switches, fibre optics, routers which serve as the central command system or the nervous system of critical and strategic infrastructure of any Nation.[15]

The cyberspace becomes more dangerous with the advent of artificial intelligence when a new dimension, 5th dimension has been created where individuals exist in reality defying persona where they can inter connect with people socially and Virtually without showing out their exact identity. This virtual world is a newer form of real-world. Though cyberspace has abridged gaps but it has posed intercontinental threats also. When we talk about national security issues in cyberspace the major difficulty comes that there is no single handling or single database of internet around the world that means there is no single owner of internet or activities on internet who could be made accountable of any illegal activity that is taking place on the Internet.

There are lots of internets around the world in a virtual space called cyberspace even governments do not have monopoly in cyberspace and it makes more challenging to counter malicious activities on cyberspace. A single virus can stop the progress of entire nation. Another most important thing is excessive of everything is bad and in democratic countries like India every government department is expected to have a transparency in front of people, it is good to some extent but in the time of cyberwarfare it proves fatal for country's national security because giving information on social media platforms televisions blogs, radio platforms exposes the critical infrastructure or critical defence infrastructure of the country and the hackers can get critical data and it can pose the threat to National Security.

In traditional wars governments have to invest huge amount of financial as well as human resources in all the fields land, air or sea but in cyberspace a single individual can destroy all country. Similarly in today's world satellite imagery has proved very fatal as it can capture and locate sites which are critical in nature for National infrastructure and it makes the task of the enemy easier to locate and destroy similarly it takes large efforts to build nuclear weapons but cyber weapon can prove mass destruction without investing a single penny.

Worms, viruses and Zombie software cyberspace has also made the task of terrorist organisations easier in order to recruit, radicalize and train people across continental boundaries. According to US department of Defence various cyber space weapons can be botnet, logic bombs, Trojan horses, virus, worm and Zombie softwares. Defence strategists from all over the world has declared cybersecurity threat as a real threat and in past some years the authorities have confirmed that not only softwares and operating systems but Silicon chips inside computers can be hacked and can be misused.

When we look at the threats to Cyber domain it is very difficult to identify the point of origin in missile attacks there is a discrete amount of information available as to from where this missile is coming what are its specifications what are its geographical locations but when Enemies use hybrid tactics it is almost impossible to locate and they can easily hide their locations we can say that what makes cyber attacks very fatal is its uncertainty and the Collateral Damage it can cause while attacking a particular target and if we cannot locate the enemy how can we attack then how can we delete it also it is very very cheap within but it can be disastrous the United Nations International telecommunication Union if one stated Get low matter how superpower countries but a person sitting on internet every person sitting on internet is a superpower in himself if he uses his brainn nefariously to destroy another challenge is supply of bend materials and trade of bend materials in any country can destabilize the country's economy and composed to national trade like VC in Indian scenario lot of drug trade weapon trade is happening on internet.[16]

When we talk about Indian scenario, we need to specially look it angle of cyberterrorism.India has the second highest number of internet users in the world that's why threats involving cyberspace are also big. Adding to the peril India in surrounded by hostile neighbours like Pakistan, China and Bangladesh who openly proliferate and supports terrorists organizations from around the world in order to destabilize India. Such large presence of Indians on internet unfortunately makes them more vulnerable to cybersecurity threats because of minimal knowledge about cyberspace and its protection.

Cyberterrorism have a huge potential to damage national security because it is the only weapon which can destroy psychological, physical, political and financial wellbeing of nation on just one click. In past few years attempts and incidents of cyberterrorism has expanded rapidly posing serious threats to critical infrastructure of the country like nuclear facilities, defence facilities, financial and banking facilities and public delivery infrastructure.

Main hurdle behind curbing cyberterrorism is jusrisdictional restriction because these activities can be committed from any corner of the earth and also it is very difficult to locate. Terrorist organizations work on instilling fear in minds of people and that is why they try to gather large public attention and cyberspace has facilitated them in a lager extent because using cyber techniques they can disseminate their terror to a larger chunk of people.

Internet is flooded with websites that are operated by terrorists organizations like Al-Qaeda, ISIS, Indian-Mujahedeen etc. to recruit people and fund their terrorist activities. For country like India cybersecurity is not a choice but compulsion and looking at this scenario India has come up with national cybersecurity strategy which is performing quiet decently.

In 2010 India's internal security agency CBI's websites were taken down by cyberrorists from Pakistan. In 2013 security system of Indira Gandhi International Airport (IGI) was attacked by a virus called as 'technical snag' which was aimed at destroying security systems of boarding gates and to tamper with reservation system of airlines. According to an estimate Indian cyberspace face 60 attacks everyday by Pakistani cyberterrorists.

Voice over Internet Protocol is the latest weapon used by cybersterrorists where they indulge in attacks through mediums like What's app voice and video calls, Skype, Video calls through Google talk etc., Coded chats, Secret message inside images, e-mail drafting and encrypted pen drive to propagate their agenda. Telecommunications by terrorists played a major role during 26/11 Mumbai attack where terrorists recceed area around the attack site using google maps and also communicated with the handlers sitting in Pakistan.

The coded messages were decoded by ethical hacker Ankit Fadia. In 2011 a bomb explosion took place in Jhaveri Bazar which was detonated by computer operated detonator. It was 2010 bomb blast in Varanasi which forced Indian government to formulate a robust mechanism to cope up with menace of cyberterrorism. India is country where large chunck of people are connected with various emotions and terrorists and illegal entities takes advantage of these emotions for example many a times riot like situation is created through social media by spreading fake news of blasphemy, lynchings and assaults and they try to incite one particular community against another.

When we analyse all cyberterrorism incidents in India we can figure out some prominent targets like Media and telecommunication infrastructure, various government and private corporations, consultancies, financial institutions, healthcare companies and infrastructure, power generation plants and grids, transportation facilities and infrastructure, water infrastructure, nuclear, railway, Information and technology and defence facilities.[17]

Cybersecurity And Solutions Therein

What is Cybersecurity
There can be various definitions of cyber security some of the crisp definitions are:
Cyber Security refers to the measures taken against data thefts or protect the computer systems from damages such as hardware, software or information, as well as from interruption or deception of various computer services. Cyber Security includes techniques that protect computers, networks, programs and data from illegal access or outbreaks that may be misused.

Importance of Cyber Security [18]
  1. It endeavors to safeguard that the security properties are realized and maintained by the Organization.
  2. User's assets are protected against various cyber security risks and remain intact.
  3. The importance of ensuring protection from attacks, damage and authorized access on networks, computers and programs is equivalent to daily routine operations of an organization.
  4. Helping to understand the current trends in IT and develop effective solutions.
  5. Reducing vulnerability in information and ICT systems and networks.
  6. Enforcing integrity, confidentiality and availability.

Common Tools of Cyber Security
With the understanding based on the discussions made so far, the Common tools used for cyber security may be listed as: Passwords, Anti-virus/Anti-malware Software , Software patches, Firewalls, Two-factor Authentication , Encryption

Key Elements of Cyber Security[19]

Application Security
Application security covers procedures or actions that can be taken care of throughout various stages in the development life-cycle process of an application. This is to ensure that the application is protected from threats and vulnerabilities that arises through faults in the development of applications like, design, deployment, up-gradation or preservation. Some of the basic techniques involved in ensuring security in applications are: Validating the Input parameters; Authenticating and authorizing valid Users/Roles; Managing Sessions, manipulating parameters and managing the exceptions; Security Auditing and Log Analysis.

Information Security
The fortification of information from illegal access or information theft thereby preserving the privacy is referred to as the Information Security. Some of the common practices that provides Information security are: Identification, validation and authorization of users; Cryptography.

Network Security
The process of ensuring the usability, consistency, truthfulness and security of the network is referred to as the Network security. Large number of threats are recognized and stopped from further spreading or entering into the network system through an Effective network security strategy.

Network security compromises of the following components:
Anti-virus and anti-spyware;Firewall, identifies and blocks any unauthorized network access; Intrusion Detection system (IDS) automatically detects Network Intrusions and Intrusion Prevention Systems (IPS) that identifies destructive threats, like zero-day or zero-hour attacks; Virtual Private Networks (VPNs) provides safe remote access.

Disaster Recovery
A development process that is used to assess various types of risks and establish different priorities thereby evolving disaster recover strategies is known as Disaster recovery. Every organizations must develop proper disaster recovery strategies to protect their business-related activities from damage. Rather, they should take pro-active measures to handle disasters because information is a major asset of an Organization.

Operational Security
Very stubborn or stringent measures must be taken as far as operational level security is concerned especially in a complete automated environment. Of all the risks, it is really difficult to fix the operational risks in an organization when data leakages or security breaches happen.

End-User Education
The most essential and viable solution is end user education. Most of the security incidents happen only because of lack of knowledge on the handling side of the users. Many incidents happen without realizing the significance of certain activities.

Of all the above, end-user education is very important for an organization to avoid unnecessary incidents against security. Also in order to ensure strong cyber defence and cyber security it is the responsibility of both government as well private entities to work in collaboration. Public Private Partnership is the need of the hour in present time.[20]

Sources Of Cyber Insecurity [21]

  1. Intelligence agencies
    Intelligence agencies use espionage techniques in order to gather information, data, locations and valuable inputs. Some time cyber warfare resources are used for mass destruction and untraceable nature and jurisdictional crisis makes these type of activities suitable for intelligence agencies. They use hacking as a tool and hacking becomes a two faced element, for one country it is ethical and for other country whose resources are getting tampered or hacked it is unethical and illegal.
  2. Criminal Groups and Terrorists
    Criminal groups and terrorist organizations use cyber techniques for recruiting, training, financing illegal activities, online rackets like drug rackets, weapon sale, human trafficking takes place and in recent times deep fakes and private pictures and accessories are created for extortion.
  3. Hacktivists
    In today's time political PR management has taken over all over the world and some groups get paid for politically charged cyber attacks on opponents, they dump e-mail servers with thousands of mails and try to strangulate mail delivery algorithms and they also hack into websites of opponents to flood it with political texts and messages.
  4. Disgruntled Insiders
    The displeased insider, working from inside an association, is an insiders chief wellspring of PC violations. Insiders may not require a lot of information about PC interruptions on the grounds that their insight into a casualty framework frequently permits them to acquire unhindered admittance to make harm the framework or to take framework information.

Cyberspace Protection: India's Journey

India's experience with internet is just 40 years old when in 1980s Rajiv Gandhi government came with the vision of tech-savvy India, but the this vision received a setback in early 1990s when country was struggling with financial crunch but it again received impetus in Atal Bihari Vajpayee government.

India established first global internet connection in 1989 but internet was monopolized by government-owned Videsh Sanchar Nigam Limited. In 1996-1997 this situation was liberalized. In 1998 India became signatory to Agreement on Basic Telecommunications under the aegis of WTO and fulfilled all requirements and further Information Technology Act paved way for modernization in field of cyber activities and e-commerce and it also freed Internet service providers from excessive accountability and liability for the content which was earlier strangulating the efforts in field of Internet and modernization.[22]

Though today's internet revolution in India is a result of many small and big moves and efforts but we can analyse the development through some prominent steps in this regard. The first acknowledgement of cyber-warfare/information warfare possibilities came into light when in 2004 Indian Army released its Indian Army Doctrine[23]. This doctrine stresses on peculiarities of Cyber and Information warfare.

There is a separate chapter on Information warfare under section 5 (Types of War). Further Basic Doctrine of the Indian Air Force, 2012[24], this 14 chapter doctrine talks about Information warfare in its 12th chapter and in this chapter there is a separate topic on cyber warfare and this doctrine describes cyber warfare as a very cheap and low cost way to wage war against the enemy. The doctrine also commented upon boundary less reach and pereception management of cyber warfare.

The doctrine also stresses upon the gravity of threat presented by cyber warfare to governments, militaries and individuals. The major breakthrough in Indian cybersecurity strategy came in 2013 with National Cyber Security Policy[25], Ministry of Communication and Information Technology, Department of Electronics and Information Technology launched this policy as very initially formalized step in the direction of protecting Indian cyberspace.

This policy aims at building a highly secured cyberspace and robust system of cybersecurity for common people, business ventures and government through strongly responding to cyber threats and reducing cyber vulnerabilities. It also talks about formation of nodal agencies and enhance cooperation between various stakeholders in the field of Information-technology and cyber related activities. In 2018 Indian army came forward with Land Warfare Doctrine (LWD)[26] in which Indian Army categorises cyber warfare as apart of information warfare.

This states that Indian Army will also enhance its capabilities so that it can carry out various security operations related to Information Warfare over the whenever and wherever any conflict arises in any cyber related field which is proving detrimental to national security and defense forces. It also works as a guideline for Indian Army to strengthen their cyber-warfare capabilities so that offensive as well as defensive strategies and plans can be launched.

In 2020 India came up with National Cyber Security Strategy 2020 [27] which is a latest attempt to strengthen cybersecurity in India. According to Indian computer emergency response team in the first eight months of 2020 India witnessed 6.97 lakh cyber security incidents which was an alarming number because it is equivalent to combined data of last 4 years. Recent major cyber attacks on India are by a Chinese group known as red echo which targeted the power facilities in India it used a malware by the name of shadowpad which facilitated Chinese hackers to access service server through back door entry.

Another incident Stone Panda a Chinese hacker group also tried to hack into IT infrastructure of India and supply chain of Bharat Biotech and Serum Institute of India. Another incident of Cyber attack was solarwinds hack which drastically impacted National critical infrastructure in USA. Looking at the economical angle according to reports by McKinsey Global Institute India has become a second fastest digital adaptor in the world. India's digital sector in 2017-18 contributed 7% that is 170 billion dollar to the GDP and it is expected to increase by 8 to 10% by 2025.

According to national security advisor Mr Ajit doval during Corona pandemic the incidents of Cyber attacks has increased by 5000% looking at all these consistently increasing threats the Government of India under National Security Council secretariat has formulated National cybersecurity strategy which aims to strengthen cyber security by increasing cyber awareness and regular robust audits.

According to this strategy there will be a panel of Cyber auditors who will look after security features of organization. It also features tabletop cyber crisis management exercises so that to make people aware that cyber attacks can take place at regular basis. It also calls for an index of Cyber preparedness. It suggest a separate budget for cyber security.

Its main objective is to secure the national cyberspace, synergize the resources including cooperation and collaboration and to strengthen the structures, people, processes and capabilities. The main aim of the strategy is to prevent critical infrastructure of the country like financial services power services nuclear power plants and manufacturing services. The adoption of 5G technology in India has also paved the way for this strategy.

This strategy aims to form strong security mechanism for government, individuals and for businesses. In order to implement these strategies there are also dedicated departments and agencies which ensures proper resolution of cyber related issues. These agencies and departments include Ministry of Electronics and Information Technology( this is a ministry under the government of India which looks after all policies and strategies related to IT and electronics, this ministry also pioneer in research and development and innovation in cyber related issues and consequential human resource development), National Security Council Secretariat, Cyber Swachhta Kendra, Cyber and Information Security Division (C&IS) under ministry of Home Affairs, National Technical Research Organisation(this organization is a Technical Intelligence Agency which directly report to National Security Advisor which reports to Prime Minister's office, this organisation have been allotted the work to develop and enhance technological expertise of India in the sector of aviation and remote sensing.

This organisation also works on collecting and assessing technical data and ensuring cyber security by enhancing hardware capabilities and monitoring incidents which are fatal to national security. National Critical Information Infrastructure Protection Centre also works under the aegis of NTRO.), New Emerging and Strategic Technologies Division (NEST), Indian Cybercrime Co-ordination Centre (I4C), National CERT or CSIRT (It came into force in January 2004, it works as nodal agency for countering incidents of computer security It's other works includes analysis of data and spreading information regarding cyber incidents spreading awareness thorugh guidelines, advisories, vulnerability notes, white papers regarding possible cyberattacks and emergency response cyber incidents.)[28]

Critical Analysis
Dependence on technology is more and the dependency has made it more vulnerable to compromise. Cyber Security problems are identified in technologies provoking cyber-attacks easier and more dangerous. The main problem addressed are being ignorant about the role of cyber security and the complex situations imbibing various past and current technologies.

Looking at vulnerabilities there are various questions in front of us when we operate in cyberspace, these questions are:- From what to protect?, What to protect? And How to protect?.

The main focus is on the first question. The main concern on this aspect is on Deciding on what or from what, to mainly protect, and how to operate strongly during system failures. Addressing the second question is on the possible threats and the threats are analysed for further detection in future. The third question addresses the object's security assurance from threatening factors through measures and procedures of implementation. But to address these question some efforts like financial stability and technological know-how is needed.

For a developing country like India it is not an easy task to arrange strong cybersecurity systems when there are persistent threats from enemies like Pakistan and China and terrorist groups. Alongside the financial and technological crunch issues we also have issues of lack of knowledge regarding cyber systems and cybersecurity adding to the peril we have second largest Internet user population in the world.

Cyber security has a significant importance in the current world of digital technologies as most people make use of Internet for their daily activities. This replaces the mechanical process with the use of software. The global usage of Internet has also authorized individuals to unleash unique levels of innovation, creativity, and has also created new markets unruling old ones. As Internet is used world-wide it suffers from various security challenges and issues of which most of them help in improving the emergence of cyber security practices. The major challenge that exists in cyberspace is the anonymity, as it creates security breaches and complexity between individuals and government legislations.[29]

We are all living in the digital era. All our daily activities either partially or totally depend on digital devices or Internet. Every Organization whether it is government or non-government and individuals rely on the usage of computer networks, systems and related technologies. Most of our daily routines, including both personal and professional activities, depend on digital devices connected through public and private networks and the Internet.

Where do we operate, and which connects us? These are the major questions that most of us raise when we think about the way we use Internet and other resources for communication. The answer is: Cyber Space. Cyber Space is the virtual space that connects all of us and enables the information exchange, necessary to support interactions in the digital era. But cyberspace is very much vulnerable to attack and it can pose various security threats to national security.

In cyberspace the critical infrastructure of the country like power, finance and defence is always at risk. The cyberattacks and incidents of cyberterrorism which takes place involves tools like worms, amlwares, Trojan horses, viruses, hacking, phishing and various other types of attacks. Cyberspace has anonymity which is misused by terrorists and criminal groups. Security agencies of various countries use cyberspace to carry out strikes at key resources of enemy country and to conduct espionage activities. Various countries are taking steps against this 5th generation warfare technique so does India.

Indian efforts started from 1980s and presently revolves around the National Cybersecurity Strategy 2020 which aims at building a robust system of cybersecurity. Cybersecurity is not a choice anymore for India, it is a compulsion because if we will not ensure our cyberspace security then enemies will not take a second to bring down India to its knees. There are various challenges in front of India like knowledge, technology and finances, if we want to have a strong cybersecurity system then we have to address these challenges as soon as possible.

  1. Available at URL:, accessed on 16/11/2021
    Available at URL:, accessed on 16/11/2021
    Available at URL: accessed on 16/11/2021
  2. Available at URL accessed on 14/11/2021
  3. Riza Azmi and Katsurina Katsurina, Revisiting Cyber Definition,
  4. Available at URL accessed on 14/11/2021
  5. Available at URL:, accessed on 16/11/2021
  6. Patel, Kathan and Chudasama, Dhaval M, National Security Threats in Cyberspace, Indrashil University,
  7. Available at URL:, accessed on 15/11/2021
  8. C. V. Anchugam, K. Thangadurai. "chapter 4 Classification of Network Attacks and Countermeasures of Different Attacks", IGI Global
  9. Available at URL: accessed on 14/11/2021
    Available at URL :, accessed on 14/11/2021
  10. Available at URL : accessed on 14/11/2021
  11. Available at URL :, accessed on 14/11/2021
    Available at URL :, accessed on 14/11/2021
  12. Available at URL, accessed on 14/11/2021
  13. Available at URL : , accessed on 17/11/2021
    Available at URL: , accessed on 17/11/2021
  14. Fanelli, R. Cyberspace Offense and Defense. Journal of Information Warfare, vol. 15, no. 2, Peregrine Technical Solutions, 2016, pp. 53-65,
  15. Fanelli, R. Cyberspace Offense and Defense. Journal of Information Warfare, vol. 15, no. 2, Peregrine Technical Solutions, 2016, pp. 53-65,
  16. Reveron, Derek S. An Introduction to National Security and Cyberspace. Cyberspace and National Security: Threats, Opportunities, and Power in a Virtual World, edited by DEREK S. REVERON, Georgetown University Press, 2012, pp. 3-20,
  17. Shiv Raman, Nidhi Sharma. Cyber Terrorism in India: A Physical Reality Orvirtual Myth. Indian J Law Hum Behav. 2019;5(2): 133-140. Available at URL: accessed on 14/11/2021
  18. Mohan, Arun and Sharma, RK, The Cyber command: Upgrading India's National Security Architecture, Observer Research Foundation,
  19. Aiyengar, SSR, National Strategy for Cyberspace security, Centre for Land Warfare Studies,
  20. Yilmaz, Senol (Shen), and Kah-Kin Ho. Securing Cyberspace: Whose Responsibility? Cybersecurity: Some Critical Insights and Perspectives, edited by Damien D. Cheong, S. Rajaratnam School of International Studies, 2014, pp. 37-42,
  21. Reveron, Derek S. An Introduction to National Security and Cyberspace. Cyberspace and National Security: Threats, Opportunities, and Power in a Virtual World, edited by DEREK S. REVERON, Georgetown University Press, 2012, pp. 3-20,
  22. BHARDWAJ, SANDEEP. Security in Cyberspace: India's Multilateral Efforts. Shaping the Emerging World: India and the Multilateral Order, edited by Waheguru Pal Singh Sidhu et al., Brookings Institution Press, 2013, pp. 217-36,
  23. Available at URL :, accessed on 18/11/2021
  24. Available at URL: accessed on 18/11/2021
  25. Available at URL: accessed on 18/11/2021
  26. Available at URL accessed on 18/11/2021
  27. Available at URL : accessed on 18/11/2021
  28. Maj Gen Mallick, VP. Cyber Security in India, Present Status, Vivekananda International Foundation,
  29. Aiyengar, SSR, National Strategy for Cyberspace security, Centre for Land Warfare Studies,
    Parmar, Sushma Devi, Cybersecurity in India: An Evolving Concern for National Security, Central University of Gujarat,

Law Article in India

Ask A Lawyers

You May Like

Legal Question & Answers

Lawyers in India - Search By City

Copyright Filing
Online Copyright Registration


How To File For Mutual Divorce In Delhi


How To File For Mutual Divorce In Delhi Mutual Consent Divorce is the Simplest Way to Obtain a D...

Increased Age For Girls Marriage


It is hoped that the Prohibition of Child Marriage (Amendment) Bill, 2021, which intends to inc...

Section 482 CrPc - Quashing Of FIR: Guid...


The Inherent power under Section 482 in The Code Of Criminal Procedure, 1973 (37th Chapter of t...

Facade of Social Media


One may very easily get absorbed in the lives of others as one scrolls through a Facebook news ...

Sexually Provocative Outfit Statement In...


Wednesday, Live Law reported that a Kerala court ruled that the Indian Penal Code Section 354, ...

UP Population Control Bill


Population control is a massive problem in our country therefore in view of this problem the Ut...

Lawyers Registration
Lawyers Membership - Get Clients Online

File caveat In Supreme Court Instantly