New Delhi: Experts from India and the US will test each other’s skills and capabilities in tackling cyber security threats this week, in the first such exercise of its kind.

Computer emergency response team (CERT) members will generate live threats and carry out attacks on critical infrastructure. These will need to be repulsed and aggressive counterattacks launched.

Fifteen officials from each side will be involved in the two-day exercise starting on Wednesday. CERTs, also referred to as quick response teams, are the designated agencies for cyber incident prevention and mitigation.

“We will be based in our respective offices where we would try to test each other’s skills and capabilities in real time," an official who’s participating in the exercise said on condition of anonymity. “The exercise will expose level of preparedness and response to mitigate the problem in real time. Also, it will be our first-hand exposure to the kind of technology the US has. The lessons learnt will be incorporated for better preparedness in future."

Another official, who also declined to be named, said, “We may share some of our technologies depending on the exercise results."

The US is also worried about India’s cyber preparedness as it’s a major hub to which banks and other companies outsource business processes, experts said.

“Perhaps they will be impacted more since a large number of corporates have outsourced operations to India," said Mukul Shrivastava, executive director, fraud investigation and dispute services, Ernst and Young, a consultancy. “The other factor that makes this even more relevant is the perceived vulnerability of India to terrorist strikes."

Pradeep Udhas, head of information technology (IT) and IT-enabled services sector, KPMG, India, said, “I feel the US fears on security of client data of India-based BPOs (business process outsourcing firms) are unfounded as most of them, either captives or third party, are following international standards for security. Cyber security of government establishments is another matter. Some of them may not be ready for ‘cyber war’."

According to the Nasscom lobby group, the Indian IT and BPO sector crossed aggregate revenue of $100 billion (around 5.5 trillion today) in fiscal 2012, generating direct employment for more than 2.8 million people.

India’s knowledge process outsourcing market is presently estimated to be $50-70 million in size. It is forecast to see a compounded annual growth rate of 25-30% through 2013.

In April, the US pressed India on cyber security during day-long talks on internal security between Union home secretary R.K. Singh and his counterpart Jane Lute.

“Their main thrust was on cyber security," said an Indian official who attended the talks, requesting anonymity. “They were more interested in India’s capability to detect and investigate cases related to cyber crime. Their concerns are justified as back offices of many US companies are located in various parts of the country. It is likely that India and the US will share more on the technology front as they pledged more cooperation."

India intends to hold similar cyber security drills with some members of the Association of Southeast Asian Nations later this month.

Cyber crime cases have increased significantly in the past few years in India. According to data complied by the home ministry, 1,791 cases were registered under the Information Technology Act in 2011 against 966 in 2010—an increase of over 85%. Cyber cases under the Indian Penal Code (IPC) went up by 18.5% in 2011.

The IT Act deals with cases related to hacking and obscenity, and the IPC covers offences such as false electronic evidence, forgery and counterfeiting. A total of 1,630 people, mostly aged 18-30, were arrested under these laws in 2011. Last year, a defence installation was apparently targeted by Chinese hackers.

Defence minister A.K. Antony said in a parliamentary statement that in the last two-three years, there have been cyber attacks against vital and sensitive organizations, including defence-related ones.

Flame and Stuxnet-like malicious malware are the new weapons of choice for nations engaging in espionage and cyber terrorism and warfare.

“The Chinese are concentrating more on building such capabilities," said former director general of military intelligence R.K. Sawhney.

“The nature of war has been changed from symmetrical to asymmetrical. Now, cyber is becoming a lethal weapon. Chinese are concentrating more on it and this is really worrisome. We have the capacity, but we do not have focus. It is time we should really act and set up a dedicated regiment for cyber warfare."

Last week, Prime Minister Manmohan Singh, home minister Sushil Kumar Shinde and Intelligence Bureau chief Nehchal Sandhu highlighted in various comments the country’s growing vulnerability to cyber security threats.

“There is increasing evidence of resort taken by terrorists to the cyberspace domain," Shinde said. He also referred to hate messages that led to a panic exodus of people from the North-East from southern cities rushing back home for safety.

“Besides providing a pervasive infrastructure for discreet communication, cyberspace is proving to be a facilitator for malevolents seeking to enlist new recruits and to purvey a distorted version of the reality," he said. “Anonymity that the user acquires in this medium can sometimes test the capacities of even the most experienced police investigator."

E-commerce transactions in India touched 8,146 crore in 2007, more than doubled to 19,688 crore in 2009, and crossed 45,000 crore in 2011, according to estimates by the Internet and the Mobile Association of India.

The value of transactions is expected to touch at least $70 billion by 2024-25 and could even rise to $260 billion if all factors remain conducive to growth, the association said.

Close