Central bureau of investigation (CBI), India has learnt the cyber security lessons the hard way. It website has been claimed to be defaced by Pakistani crackers. It has been more than 20 days since the website of CBI was defaced. However, the initial defacement has raised a more serious issue.
The issue pertains to lack of cyber security capabilities of India in general and CBI in particular. India has been negligent in developing cyber security capabilities. Even if Indian ministers and bureaucrats talk about cyber security, it primarily pertains to website defacement.
Cyber security is a very wider and holistic concept. It has little to do with website defacement but primarily addresses the security of the entire cyberspace architecture. Surprisingly, CBI website is still offline and is down. Even the heavyweight departments like department of information and communication technology (DIT), India, national informatics centre (NIC), India, Indian computer emergency response team (CERT India), etc failed to do anything in this regard.
This has come as a severe blow to the cyber capabilities of CBI. A black spot on the otherwise good performance of CBI is lack of knowledge about techno legal issues like cyber law, cyber security, cyber forensics, etc. CBI must urgently develop cyber security and techno legal expertise.
For the time being there is no escape from the conclusion that law enforcement agencies and investigation agencies of India lack techno legal expertise in the fields like cyber law, cyber security and cyber forensics. This has drastically reduced their capabilities to solve cyber crimes through latest investigative technologies. They need good and effective training in this regard.
However, what is more worrying is the fact that even DIT, NIC and Cert India are no better situated. The website of CBI is a classic example of the same where India is hiding its lack of cyber capabilities behind the façade of security audit. After all security audit does not take months or years to finish if proper expertise is there.
This situation has created a serious threat to critical ICT infrastructure protection of India. With the present speed and efforts, Indian cyberspace is really vulnerable to all sorts of cyber attacks. India must immediately formulate an effective cyber security policy and follow the same in letter and spirit.