Indian cyber commandos will not be enough, experts say

A day after the Indian government unveiled a slew of initiatives to combat cybercrime, cybersecurity experts and activists welcomed the move but remained cautious about its practical implementation. Home Minister Amit Shah on September 10 announced plans to train a special wing of 5,000 cyber commandos over the next five years to tackle the growing cyber threats in India.

While this move is a sign of progress, industry experts stress the need for a stronger framework and focus on emerging trends in cybercrime.

The New Cyber ​​​​Commando Unit: A First Line of Defense

Central to the government’s initiative is the formation of a cyber commando unit, which will consist of 5,000 commandos recruited from all police forces in every state and union territory. Each commando will be selected based on their expertise in IT, digital forensics and cybersecurity. The cyber commandos will act as India’s first line of defence against domestic and international cyber threats, securing IT networks and investigating cyberspace issues.

However, cybersecurity expert Srinivas Kodali believes that this effort, while welcome, is too late and insufficient. Kodali, an interdisciplinary researcher on data, cities and the internet, expressed concern that 5,000 cyber warriors may not be enough, given India’s pace of digitalisation.

“There is immense pressure on the government to implement such a program due to the increase in cybercrime. However, the number of cyber warriors is the bare minimum. This initiative is unlikely to revolutionize things, but it is a step in the right direction,” Kodali said.

Global inspiration: following international cybersecurity models

India’s new cyber commando unit appears to be drawing inspiration from similar government-funded cybersecurity programs in countries including the United States, Australia, China and Russia. In these countries, cybersecurity professionals protect critical infrastructure, including power grids, transportation systems and financial networks, from sophisticated cyberattacks. India is seeking to emulate this model, with possible collaboration from Western countries on intelligence and technology development.

While experts like Kodali acknowledge the need for this move, others, such as cybersecurity entrepreneur Nandakishore Harikumar, CEO of Technisanct, highlight additional considerations. Harikumar voiced similar concerns about the scale of the initiative, noting that more resources are needed to address both cybercrime and enterprise security.

“We need a lot of resources to fight cybercrime and we don’t have them. So, creating cyber warriors is a welcome step in that direction. I believe that the government should focus on cybercrime and on securing businesses. The government should also focus on data breaches as this is the basis for cybercrime,” Harikumar stressed.

Will AI be effective in fighting cybercrime?

Another major initiative that Shah announced is the establishment of the Cyber ​​​​Fraud Mitigation Centre (CFMC), a national platform that will work with banks, financial institutions, telecom providers and law enforcement to combat online financial crime. The CFMC will use artificial intelligence (AI) to analyze cyber fraud patterns and create countermeasures.

However, the use of AI in cybersecurity raises questions about its efficacy. Kiran Chandra, General Secretary of the Free Software Movement of India (FSMI), advised caution regarding the application of AI in such a crucial field.

“AI is still evolving. The dataset and algorithms on which AI is trained are crucial. If either is biased, the outcomes will be skewed. The open-source way of working is not well known. The government should be transparent about the algorithmic efficiency of its AI because there are over a billion users in the country and zettabytes of data is being generated, making it difficult to track information,” Chandra explained.

Srinivas Kodali added that training law enforcement officials in AI technologies is crucial. “Online scammers are already using AI, deepfakes, to carry out cybercrime. It makes sense that police should be trained in this,” Kodali said.

‘Collecting data is crucial’

In another significant move, Shah inaugurated the Samanvaya Platform, a centralized data repository for sharing cybercrime information among law enforcement agencies. The platform aims to streamline data sharing, crime mapping and analytics to improve the efficiency of investigations.

Harikumar stressed the importance of localizing data repositories to effectively combat cybercrime in India. He stressed the importance of localizing data repositories to effectively combat cybercrime in India. “The launch of a data sharing platform caught my attention. India’s cybercriminals operate in very localized ways, like the recent ‘Fedex Courier Scam’, where criminals target individuals within their region. Collecting this data is crucial to mapping and tackling this cybercrime,” he explained.

By effectively collecting and processing data, the Indian government hopes to build a resilient ecosystem capable of combating evolving cyber threats. But as Harikumar noted, ensuring adequate training for cyber commandos will be key to the platform’s success.

Balancing cybercrime prevention with privacy concerns

The fourth major initiative of the Indian government is the creation of a national ‘suspect registry’ of various mule account identifiers based on the national cybercrime reporting portal, and connecting state registries with it to strengthen the fraud risk management capabilities of the financial ecosystem. Shah said the national suspect registry will help ensure that states/UTs do not work in silos.

Chandra supported the move, but stressed that the register of suspects should go beyond just financial fraud and also include other cybercrimes.

“The purpose of threat intelligence and dark web monitoring systems should be to ensure the protection of the common man unchallenged. It is the responsibility of the state to ensure that the common man does not fall victim to cybercrime. So this is a welcome step.”

“But protecting people from online financial fraud is one thing. But most people also fall victim to other online frauds like stalking, cyber bullying and other basic issues like drug crime. The government should also look into these issues and take strict measures,” Chandra argued.

He also stressed the importance of balancing cybercrime prevention with privacy rights.

“The right to privacy is a fundamental right. There is a fine line between surveillance and surveillance. So what rules and procedures the government will make and how it will draw the line in public cyberspace so as not to violate privacy needs to be investigated.”

The path forward

The Indian government’s new cybersecurity initiatives are a step toward securing the country’s rapidly growing digital infrastructure. However, their success will depend on careful policy implementation, workforce training, technological advancements, and transparency in processes such as AI deployment and data sharing.

As India embarks on this journey, experts remain cautiously optimistic and urge the government to strike a balance between preventing cybercrime and protecting civil liberties. With strong planning and collaboration, India can build a secure and resilient digital ecosystem that can meet the challenges of an increasingly connected world.

Related