Guest Column: Indian Blackout - Some legal perspectives

The grid collapse brings before us a chilling trailer of what India and Indian citizens could face, should the critical information infrastructure of India be targeted by cyber criminals and cyber terrorists

On Monday July 30, 2012 at 2:30am, the entire Northern of India went dark. Again the next day at 1:30pm, the Northern and the Eastern Grids failed. Due to the power supply failure, hundreds of millions of people, much more than the population of the US and Canada combined, suffered from a sudden darkening of the grids. NDTV.com reported that the power supply to as many as 19 states crashed, after three grids—the Northern, Eastern And North-Eastern—tripped. The Economic Times reported that in what is being called as the biggest ever power failure in India, half of the country was without electricity supply in the afternoon of Tuesday July 31, 2012. While various reasons have been attributed for the said failure, the fact remains that immeasurable hardships were experienced by millions, who were affected by the said event.

It took many hours to restore electricity completely in all the places across India on July 30, 2012. It was the worst blackouts in the history of independent India for the last one decade. Further, the said event brings to one's mind the frightening ramifications, should one see this event in a different light.

It is common knowledge that cyber terrorists and cyber criminals are today targeting critical information infrastructure of the countries in order to put pressure on them. Sovereignty of countries is sought to be undermined by impacting and prejudicially affecting their critical information infrastructure.

It is also no secret that India is the third most infected nation in the world as far as Stuxnet virus infected computers are concerned. (Stuxnet is a computer worm discovered in 2010 which targets Siemens industrial software and equipment, and targeted Iran’s nuclear programme.)

The Northern and Eastern brings to one’s mind the disastrous consequences that could face our nation, should our critical information infrastructure be attacked by a virus or computer contaminant like Stuxnet. Given the rapid growth of India over the last decade and half, India's growth story has been studiously followed. It is also possible that a lot of effort could be made by vested interests so as to prejudicially impact the sovereignty, integrity, security, defence of India, its friendly relations with other nations as also public order.

The brings before us a chilling trailer of what India and Indian citizens could face, should the critical information infrastructure of India be targeted by cyber criminals and cyber terrorists.

If a Stuxnet kind of virus is targeted at India’s critical information infrastructure, the consequences could be far more disastrous. Not only could the restoration of services take a far longer time but during the interregnum period of attack on critical information infrastructure, there is high possibility that other endeavours could also be attempted to weaken the sovereignty, integrity, security and defence of India. 

Should a takes place because of an attack from computer contaminants or viruses, or any deliberate intentional hacking of cybercrimes, then India is likely to have a tough challenge in its hands.

Currently, India still does not have any dedicated national policy on cyber security. India has no mechanism in place which will inform its relevant stakeholders and citizens of what needs to be done, should a situation like Estonia befall upon us.

The of the grids, though it has happened due to different reasons, should also be a wake-up call for Indian policy makers to beef up the measures of Indian critical information infrastructure. Further, there is a need for coming up with appropriate national enabling policies that would inform citizens of what steps need to be taken, in the event of any cyber related emergencies.

The Indian Information Technology Act, 2000 as amended is ill equipped to deal with such exigencies. There is a need for further amending the Indian Information Technology Act, 2000 to make it even more stringent in respect of any unauthorised activity attempted or targeted at Indian critical information infrastructure and provide for deterrent punishment for such heinous crimes.

I hope this is soon going to be behind us, but this needs to become a strong wake-up call to wake up the Indian policymakers out of their complacency. The need for implementing adequate and effective protection mechanisms and enabling legal regulatory framework in this regard is the need of the hour for India. The call of the time is to inculcate security as a way of life amongst Indian stakeholders and citizens.

It will be interesting to see how India responds to the various related challenges that it is facing in the context of cyberspace as also use of its critical information infrastructure.

The author Pavan Duggal is a leading expert and authority on Cyberlaw in Asia. He can be reached at his email addresses pavan@pavanduggal.com

image
Business Standard
177 22
Business Standard

Guest Column: Indian Blackout - Some legal perspectives

The grid collapse brings before us a chilling trailer of what India and Indian citizens could face, should the critical information infrastructure of India be targeted by cyber criminals and cyber terrorists

Pavan Duggal  |  New Delhi 



On Monday July 30, 2012 at 2:30am, the entire Northern of India went dark. Again the next day at 1:30pm, the Northern and the Eastern Grids failed. Due to the power supply failure, hundreds of millions of people, much more than the population of the US and Canada combined, suffered from a sudden darkening of the grids. NDTV.com reported that the power supply to as many as 19 states crashed, after three grids—the Northern, Eastern And North-Eastern—tripped. The Economic Times reported that in what is being called as the biggest ever power failure in India, half of the country was without electricity supply in the afternoon of Tuesday July 31, 2012. While various reasons have been attributed for the said failure, the fact remains that immeasurable hardships were experienced by millions, who were affected by the said event.

It took many hours to restore electricity completely in all the places across India on July 30, 2012. It was the worst blackouts in the history of independent India for the last one decade. Further, the said event brings to one's mind the frightening ramifications, should one see this event in a different light.

It is common knowledge that cyber terrorists and cyber criminals are today targeting critical information infrastructure of the countries in order to put pressure on them. Sovereignty of countries is sought to be undermined by impacting and prejudicially affecting their critical information infrastructure.

It is also no secret that India is the third most infected nation in the world as far as Stuxnet virus infected computers are concerned. (Stuxnet is a computer worm discovered in 2010 which targets Siemens industrial software and equipment, and targeted Iran’s nuclear programme.)

The Northern and Eastern brings to one’s mind the disastrous consequences that could face our nation, should our critical information infrastructure be attacked by a virus or computer contaminant like Stuxnet. Given the rapid growth of India over the last decade and half, India's growth story has been studiously followed. It is also possible that a lot of effort could be made by vested interests so as to prejudicially impact the sovereignty, integrity, security, defence of India, its friendly relations with other nations as also public order.



The brings before us a chilling trailer of what India and Indian citizens could face, should the critical information infrastructure of India be targeted by cyber criminals and cyber terrorists.

If a Stuxnet kind of virus is targeted at India’s critical information infrastructure, the consequences could be far more disastrous. Not only could the restoration of services take a far longer time but during the interregnum period of attack on critical information infrastructure, there is high possibility that other endeavours could also be attempted to weaken the sovereignty, integrity, security and defence of India. 

Should a takes place because of an attack from computer contaminants or viruses, or any deliberate intentional hacking of cybercrimes, then India is likely to have a tough challenge in its hands.

Currently, India still does not have any dedicated national policy on cyber security. India has no mechanism in place which will inform its relevant stakeholders and citizens of what needs to be done, should a situation like Estonia befall upon us.

The of the grids, though it has happened due to different reasons, should also be a wake-up call for Indian policy makers to beef up the measures of Indian critical information infrastructure. Further, there is a need for coming up with appropriate national enabling policies that would inform citizens of what steps need to be taken, in the event of any cyber related emergencies.

The Indian Information Technology Act, 2000 as amended is ill equipped to deal with such exigencies. There is a need for further amending the Indian Information Technology Act, 2000 to make it even more stringent in respect of any unauthorised activity attempted or targeted at Indian critical information infrastructure and provide for deterrent punishment for such heinous crimes.

I hope this is soon going to be behind us, but this needs to become a strong wake-up call to wake up the Indian policymakers out of their complacency. The need for implementing adequate and effective protection mechanisms and enabling legal regulatory framework in this regard is the need of the hour for India. The call of the time is to inculcate security as a way of life amongst Indian stakeholders and citizens.

It will be interesting to see how India responds to the various related challenges that it is facing in the context of cyberspace as also use of its critical information infrastructure.

The author Pavan Duggal is a leading expert and authority on Cyberlaw in Asia. He can be reached at his email addresses pavan@pavanduggal.com

RECOMMENDED FOR YOU

Guest Column: Indian Blackout - Some legal perspectives

The grid collapse brings before us a chilling trailer of what India and Indian citizens could face, should the critical information infrastructure of India be targeted by cyber criminals and cyber terrorists

On Monday July 30, 2012 at 2:30am, the entire Northern Grid of India went dark. Again the next day at 1:30pm, the Northern and the Eastern Grids failed. Due to the power supply failure, hundreds of millions of people, much more than the population of the US and Canada combined, suffered from a sudden darkening of the grids. NDTV.com reported that the power supply to as many as 19 states crashed, after three grids—the Northern, Eastern And North-Eastern—tripped.

On Monday July 30, 2012 at 2:30am, the entire Northern of India went dark. Again the next day at 1:30pm, the Northern and the Eastern Grids failed. Due to the power supply failure, hundreds of millions of people, much more than the population of the US and Canada combined, suffered from a sudden darkening of the grids. NDTV.com reported that the power supply to as many as 19 states crashed, after three grids—the Northern, Eastern And North-Eastern—tripped. The Economic Times reported that in what is being called as the biggest ever power failure in India, half of the country was without electricity supply in the afternoon of Tuesday July 31, 2012. While various reasons have been attributed for the said failure, the fact remains that immeasurable hardships were experienced by millions, who were affected by the said event.

It took many hours to restore electricity completely in all the places across India on July 30, 2012. It was the worst blackouts in the history of independent India for the last one decade. Further, the said event brings to one's mind the frightening ramifications, should one see this event in a different light.

It is common knowledge that cyber terrorists and cyber criminals are today targeting critical information infrastructure of the countries in order to put pressure on them. Sovereignty of countries is sought to be undermined by impacting and prejudicially affecting their critical information infrastructure.

It is also no secret that India is the third most infected nation in the world as far as Stuxnet virus infected computers are concerned. (Stuxnet is a computer worm discovered in 2010 which targets Siemens industrial software and equipment, and targeted Iran’s nuclear programme.)

The Northern and Eastern brings to one’s mind the disastrous consequences that could face our nation, should our critical information infrastructure be attacked by a virus or computer contaminant like Stuxnet. Given the rapid growth of India over the last decade and half, India's growth story has been studiously followed. It is also possible that a lot of effort could be made by vested interests so as to prejudicially impact the sovereignty, integrity, security, defence of India, its friendly relations with other nations as also public order.

The brings before us a chilling trailer of what India and Indian citizens could face, should the critical information infrastructure of India be targeted by cyber criminals and cyber terrorists.

If a Stuxnet kind of virus is targeted at India’s critical information infrastructure, the consequences could be far more disastrous. Not only could the restoration of services take a far longer time but during the interregnum period of attack on critical information infrastructure, there is high possibility that other endeavours could also be attempted to weaken the sovereignty, integrity, security and defence of India. 

Should a takes place because of an attack from computer contaminants or viruses, or any deliberate intentional hacking of cybercrimes, then India is likely to have a tough challenge in its hands.

Currently, India still does not have any dedicated national policy on cyber security. India has no mechanism in place which will inform its relevant stakeholders and citizens of what needs to be done, should a situation like Estonia befall upon us.

The of the grids, though it has happened due to different reasons, should also be a wake-up call for Indian policy makers to beef up the measures of Indian critical information infrastructure. Further, there is a need for coming up with appropriate national enabling policies that would inform citizens of what steps need to be taken, in the event of any cyber related emergencies.

The Indian Information Technology Act, 2000 as amended is ill equipped to deal with such exigencies. There is a need for further amending the Indian Information Technology Act, 2000 to make it even more stringent in respect of any unauthorised activity attempted or targeted at Indian critical information infrastructure and provide for deterrent punishment for such heinous crimes.

I hope this is soon going to be behind us, but this needs to become a strong wake-up call to wake up the Indian policymakers out of their complacency. The need for implementing adequate and effective protection mechanisms and enabling legal regulatory framework in this regard is the need of the hour for India. The call of the time is to inculcate security as a way of life amongst Indian stakeholders and citizens.

It will be interesting to see how India responds to the various related challenges that it is facing in the context of cyberspace as also use of its critical information infrastructure.

The author Pavan Duggal is a leading expert and authority on Cyberlaw in Asia. He can be reached at his email addresses pavan@pavanduggal.com

image
Business Standard
177 22

More News

  • Centre's fiscal deficit at 74% of BE in first four months of FY17 Centre's fiscal deficit at 74% of BE in first four months of FY17
  • Power Minister Piyush Goyal No power plant stranded for want of coal: Piyush Goyal
Widgets Magazine

Widgets Magazine

Upgrade To Premium Services

Welcome User

Business Standard is happy to inform you of the launch of "Business Standard Premium Services"

As a premium subscriber you get an across device unfettered access to a range of services which include:

  • Access Exclusive content - articles, features & opinion pieces
  • Weekly Industry/Genre specific newsletters - Choose multiple industries/genres
  • Access to 17 plus years of content archives
  • Set Stock price alerts for your portfolio and watch list and get them delivered to your e-mail box
  • End of day news alerts on 5 companies (via email)
  • NEW: Get seamless access to WSJ.com at a great price. No additional sign-up required.
 

Premium Services

In Partnership with

 

Dear Guest,

 

Welcome to the premium services of Business Standard brought to you courtesy FIS.
Kindly visit the Manage my subscription page to discover the benefits of this programme.

Enjoy Reading!
Team Business Standard