Keynote Address by Dr. Arvind Gupta, Director Vivekananda International Foundation (VIF)

It gives me great pleasure to participate in the FICCI-VIF Homeland Security 2019 conference. Over the years, the conference has gained prominence and served as a platform for interaction amongst the various stakeholder concerned with cybersecurity. We are fortunate that the representatives of the government, law enforcement agencies, businesses, academic community, experts have been brought together on this platform this year.

Cybercrime is growing exponentially not only in India but across the world. In 2017, two billion records were compromised and 4.5 billion in the first half of 2018 alone. Four new malware are introduced every minute. Ransomware is becoming increasingly common. Phishing remains the weapon of choice for the attackers. The healthcare industries are the most targeted industry in 2017. The organisation spent $ 86.4 billions on cybersecurity in 2017.

Nearly 80 percent of online incidents can be categorized as cybercrime. Eradicating cybercrime is next to impossible. However, dealing with cybercrime is imperative.

This year's conference is on the theme of innovation-led approaches to deal with cybercrime. This is an apt theme considering that in the light of emerging technologies new approaches are required to deal with hi-tech crime. Older methods are becoming less efficient.

I would also like to congratulate the FICCI and Ernst & Young for the two useful reports brought out by them on how the new age cyber criminals are to be confronted and how predictive policing should be incorporated by the police forces in combatting cybercrime. The reports have excellent analyses and practical suggestions

I would like to focus on two specific aspects of the changing landscape of cybercrime.

Internet of Thing (IoT)

First, we should be aware that the emergence of the Internet of Thing (IoT) will pose a massive challenge to cybersecurity. The IoT will lead to tens of billions of devices being connected with each other. They would collect and exchange data user and environmental silently through hosts of sensors. The networks will become exceedingly vulnerable to cyber-attacks in the age of hyper-connectivity. Sectors such as healthcare, entertainment, e-commerce, the household sector will become particularly vulnerable. Data privacy and personal safety will become hostage to cybercriminals.

Artificial Intelligence (AI)

The next challenge will be from emerging technologies like artificial intelligence, and machine learning. Artificial intelligence is a dual-use technology. It can be used and abused depending upon the motivation.

Cybersecurity firms use AI system to perform pattern recognition that can help identify malicious behaviour in software. AI can be used to strengthen spam filtering, network intrusion detection, fraud detection, botnet detection, and hacking incident forecasting. Machine learning can analyse whether a website navigates to a malicious domains. AI system can also analyse the micro behavior of ransomware attacks. AI-powered system can scan articles, studies, and news on cyber threats. They can also use Natural Language Processing for selecting useful information to gain insights into cyber attacks, anomalies, mitigation and prevention strategies. Combatting spam and detecting malware can be facilitated by AI-enabled cybersecurity.

However, the attacker can also use AI to profile their victims analyse their online behaviors and track this wealth. AI system can be used to predict how a victim would react if faced with a ransomware threat. Thus AI will be double edged sword.

Lessons for Law Enforcement Agencies

With the emergence of how technologies like AI, Machine Learning (M), cloud computing and big data analytics, cybercrime is moving into new directions. Cybercriminals are smart, agile and highly motivated. The new technologies provide them with new tools to commit crime in more effective ways. Cybercrime is a highly profitable business. The anonymity provided by cyberspace is a great assets to the cybercriminals.

The law enforcement agencies have a difficult task of keeping ahead of the cybercriminals. Nevertheless, law enforcement agencies also have access to the same technologies and tools as the criminals have. They also have to learn to use these technologies to improve their efficiencies.

The Law enforcement agencies should incorporate big data analytics and AI and ML into their policing methods. These technologies can help to analyse large volumes of data such as FIRs, personal details, social media behaviour, locations, associations, travels etc. Artificial Intelligence would strengthen predictive policing.

The criminal justice system in India is in the need of a complete overhaul. While there are many dimensions to the reform of the criminal justice system, introduction of modern technologies is most urgent. The law officers must develop a thorough an understanding of the mind and the world of cyber criminals who are mostly invisible, live in multiple geographies and are tech-savvy.

Government’s Role

The Government has a big role in enabling the law enforcement agencies by equipping them with modern technologies, building capacities, addressing the shortage of professionals, tightening regulation, raising awareness, improving legal framework and enforcing cybersecurity norms and standards in the industry.

Many stakeholders are involved in cybersecurity. A fragmented approach to dealing with cybercrime will be counterproductive. In India, the central government, the state and various agencies are involved in combatting cybercrime. Cooperation amongst different agencies by way of information sharing, coordinated action is important. In Jul 2019, the Government has announced a scheme called the ‘Indian Cybercrime Coordination Centre’ for the period 2019-2020 to combat cybercrime effectively. The scheme consist of 7 components namely National Cybercrime Threat Analytics Unit; National Cybercrime Reporting Portal; Platform for Joint Cybercrime Investigation Team National Cybercrime Forensic Laboratory Ecosystem; National Cybercrime Training Centre; Cybercrime Ecosystem Management Unit; National Cyber Research and Innovation Centre. This is a good first step. However, care should be taken that all these centers are provided with adequate technologies, equipment, resources and manpower and are well coordinated.

It is also heartening to note that the Government has taken steps to enhance awareness about cybercrime and is facilitating the training of law enforcement officers, judges, prosecutors to prevent cybercrime and improve investigation. It has also launched a Cyber Crime Reporting Portal to encourage citizen to report on child pornography etc. These steps will certainly go some way in combatting cybercrime.
The present conference will no doubt generate new ideas on cybercrime management which will help all stakeholders. I wish the conference all success.

Thank you.