Hub of Financial Crimes: Cyber Security and Types of Scams

Context: According to the Indian Cyber Crime Coordination Centre (I4C), Southeast Asian countries such as Cambodia, Myanmar, and Laos have become significant hotspots for cybercrimes, with approximately 48% of financial frauds in India originating from these nations.

More In News

• The Indian Cyber Crime Coordination Centre (I4C) analysed data showing around 7,000 cyber-related complaints are registered daily with the National Cybercrime Reporting Portal.
• Many web apps used in these crimes are written in Mandarin, indicating a potential China connection.
• Complaint Statistics:
  • The National Cybercrime Reporting Portal (NCRP) recorded 4 lakh complaints till April 30, 2023.
  • Complaints over the years were as follows:
    • 56 lakh in 2023
    • 61 lakh in 2022
    • 52 lakh in 2021
    • 57 lakh in 2020
    • 26,049 in 2019
• Types of Scams:
  • Common scams include:
    • Digital art scam
    • Trading scam
    • Investment scam (task-based)
    • Romance/dating scam
• Financial Impact: In the first four months of 2024, Indians had lost over ₹1,776 crore in 89,054 cases of financial crimes and there had been a “spurt in organised crime from south-east Asia.”
  • Financial losses reported by Indians included:
    • Rs 120.3 crore in digital art scams
    • Rs 1,420.48 crore in trading scams
    • Rs 222.58 crore in investment scams
    • Rs 13.23 crore in romance/dating scams

What is Cyber Security?

• Cybersecurity refers to the practice of protecting computers, servers, networks, electronic systems, and digital data from unauthorised access, theft, damage, or disruption.
• It involves implementing measures and employing technologies and processes to ensure the confidentiality, integrity, and availability of information and systems.
• Cybersecurity is necessary to protect sensitive data, preserve operational continuity, and mitigate financial risks posed by evolving cyber threats and crimes in the digital landscape.

Elements Of Cyber Security

• Application security: Applications play an essential role in business ventures; that is why every firm needs to focus on web application security. Web application security is important in order to protect customers, their information and interests.
• Information security: Information includes business records, personal data, customer data, intellectual property etc; hence, it is important for a corporation to have strong cyber security for information to prevent its leakage.
• Network Security: Network security consists of protecting the usability and reliability of networks and data. Measures to secure networks, include firewalls, intrusion detection and prevention systems (IDPS), virtual private networks (VPNs), and network segmentation.
• Disaster Recovery/ Business continuity planning: It is about being prepared for any kind of interference or cyber threat by identifying threats to the systems on time and analysing how they may affect the operations and methods to counter that threat.
• Operational security (OPSEC): It is used to protect organisation functions. It identifies important information and assets to track down threats and vulnerabilities that exist in the functional method.
• End-user education: It is important for an organisation to train their employees about cyber security because human error is one of the major causes of data breaches.

Current Cyber Security Architecture in India

• National Cyber Security Policy, 2013: It was the first comprehensive document brought out by the government to create a secure and resilient cyberspace ecosystem and strengthen the regulatory framework.
  • It aims to protect information infrastructure in cyberspace, reduce vulnerabilities, and build capabilities to prevent and minimise damage from cyber incidents through a combination of institutional structures, people, processes, technology and cooperation.
• National Cyber Security Strategy 2020: It was conceptualised by the National Security Council Secretariat to ensure a safe, secure, trusted, resilient and vibrant cyberspace for the Nation’s prosperity.
  • The pillars of the strategy are Secure (the National Cyberspace), Strengthen (Structures, People, Processes, Capabilities), and Synergise (Resources including Cooperation and Collaboration).

Institutional Mechanism

• Indian Cyber Crime Coordination Centre (I4C): It was rolled out by the Ministry of Home Affairs for the period 2018-2020 to combat cybercrime in the country, in a coordinated and effective manner.
• Indian Computer Emergency Response Team (CERT-In): It serves as the national agency for responding to cyber security incidents as per provisions of the IT Act, 2000. It issues alerts and advisories regarding the latest cyber threats/vulnerabilities and countermeasures to protect computers and networks on a regular basis.
• Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre): It has been launched for the detection of malicious programs and provides free tools to remove the National Cyber Crime Reporting Portal: It caters to complaints pertaining to cybercrimes only with a special focus on cybercrimes against women and children.
• National Cyber Coordination Centre (NCCC): It is a multi-stakeholder cybersecurity and e-surveillance agency, under CERT-In. It generates situational awareness of existing and potential cyber security threats and enables timely information sharing for proactive, preventive and protective actions by individual entities.
• National Critical Information Infrastructure Protection Centre (NCIIPC): It was created under the IT Act, 2000 (amended 2008) and designated as the National Nodal Agency to facilitate safe, secure and resilient information infrastructure for critical sectors of the Nation.

Indian Cyber Crime Coordination Centre (I4C)

Establishment and Purpose

• The I4C was established under the Ministry of Home Affairs (MHA) to address cybercrime in India comprehensively and in a coordinated manner.
• It aims to enhance coordination among various Law Enforcement Agencies (LEAs) and stakeholders to tackle cybercrime issues affecting citizens.
• The centre is situated in New Delhi.

Functions

• Serve as the central point in the battle against cybercrime.
• Identify research problems and needs of LEAs, and undertake R&D activities to develop new technologies and forensic tools in partnership with academic and research institutions domestically and internationally.
• Prevent the exploitation of cyberspace by extremist and terrorist groups.
• Recommend necessary amendments to cyber laws to keep pace with evolving technologies and international cooperation.
• Coordinate activities related to the implementation of Mutual Legal Assistance Treaties (MLAT) concerning cybercrimes in collaboration with the relevant nodal authority in MHA.

Components of I4C

• National Cybercrime Threat Analytics Unit (TAU): Regularly report threats related to cybercrimes.
• National Cybercrime Reporting Portal (NCRP): Provide a 24×7 platform for citizens across India to report various cybercrime complaints.
• National Cybercrime Training Centre (NCTC): Offer training to government officials, especially state law enforcement agencies.
• National Cybercrime Research and Innovation Centre: Conduct research to develop indigenous tools for preventing cybercrimes.
• Platform for Joint Cyber Crime Coordination Team: Facilitate coordination and sharing of cybercrime methodologies, data, and information among states/UTs LEAs.
• Cybercrime Ecosystem Management Unit: Promote mass awareness of cyber hygiene to prevent cybercrimes.
• National Cybercrime Forensic Laboratory (Investigation) Ecosystem: Assist LEAs in cyber forensic investigations.

Collaborative Efforts

• I4C integrates academia, industry, the public, and government for the prevention, detection, investigation, and prosecution of cybercrime.
• The Cyber Crime Volunteers Program invites citizens passionate about serving the nation to join a single platform and contribute to combating cybercrime.

Sharing is caring!