As governments, companies and in general, human beings come to rely more and more on computers big and small, their increasing efficiency creates an increasing dependence. On November 8th 2016, when Prime Minister Narendra Modi announced demonetization of 500 and 1000 rupee notes, it broke open floodgates of opinion and analysis, both for and against.
Among different goalposts that the government was supposed to achieve, a cashless economy was also mentioned. It is true, that a cashless economy will be much more transparent and the avenues of corruption will become small, if not disappear in entirety. Many economies like Sweden, Belgium, Amsterdam, Canada have managed to go cashless.
But is India technologically, logistically and security-wise, ready for it?
Threat on Two Fronts
In the nether world of the internet, another war rages on – the digital war. According to research by Sophos, one of the global leaders in network and endpoint security, India is one of the top five countries with the highest percentage of endpoints exposed to malware attacks and cyber-attacks. Hackers based in Pakistan and China, routinely and in some cases, with the implicit approval of the state, conduct cyber-attacks on Indian websites and servers.
While most of the attacks yet have not managed to inflict any serious damage, but we cannot discount the risk because there have been chilling cases of breaches, like one in October 2016 when India saw a massive data breach, where 3.2 million debit card account details were stolen. According to ZDNet’s initial report, there were also feedback from several victims about their cards being used in China.
Cashless economy would mean expansion of POS machines and servers for apps like PayTM, and increased reliance. This would mean that a dedicated, coordinated attack could be devastating. The Northern Grid Failure of 2012 raised rumours of China’s involvement, though it is not conclusively proved. Yet, ruling it out would be fatal, because it would mean that at the height of their cyber-offensive capabilities they could cripple a big chunk of our defences and defensive information infrastructure without firing a gun.
China’s People’s Liberation Army officially has a cyber unit, called PLA Unit 61398, alleged to be the mastermind behind several hack attacks, stealing trade secrets over several years of giants such as Lockheed Martin and Telvent. It is believed to be a professional army, not a collection of enthusiasts.
Internet of Things
As the technology of IOT (Internet of Things) is still being developed, its usage as a cyber weapon has already been experienced. On 21st October 2016, The Atlantic reported an outage that lasted several hours, and any sites such as Twitter, Reddit, Spotify and Github became inaccessible for American users in the East Coast using a Distributed Denial of Service (DDOS) attack.
DDOS requires a big group of internet-connected devices (a botnet) to overwhelm any server with so many requests that it freezes. IOT is supposed to connect simpler devices to the internet that in the current era are not – for example, refrigerators, microwaves, cameras, DVRs, CCTVs, etc.
Couple this with China’s mammoth manufacturing capability, especially in electronics – they could effectively develop countless number of them, and turn them into gigantic botnets that could wreak havoc. Pakistan, now in a closer embrace with China, would simply have to follow their lead, and couple that with any other aggression of their choosing.
Urgent Requirements – Cyber Offense and Blockchain
If the government really has to expand the cashless economy, it should be accompanied by a rapid increase and upgrade of cyber security, as well as cyber offensive capability to act as a deterrent. India cannot afford to act after a major hack attack occurs.
Also, India must consult experts in the digital technology of Blockchain, which would in the future enable the transfer of money online without needing a third-party. Our neighbours up north, turns out, already have done so in order to go cashless aided by the expertise of the best technocratic minds from the industry.
The internet is poised to become a serious battleground, and there is a chance that the damage inflicted by hacker armies in the future will not be fixed by a simple Control-Alt-Delete or turning the computer off and then on again.
Title image: briandcolwell
This is a guest blog. The views expressed are not necessarily that of Reacho. To write on Reacho, mail us at firstname.lastname@example.org