Let's Build a Responsible Cyber Society

Visit
www.ceac.in

Visit
www.arbitration.in

 

REPORT ON

THE ROUND TABLE DISCUSSION ON

CYBER-TERRORISM

 6TH DEC, 2008.

Chairing the Conference, Mr. Na. Vijayashankar, made an opening statement briefly mentioning about the stand of the Organization in earlier sessions that the need to have a separate entity like the ‘National Infrastructure for cyber security” and to have an umberalla organisation to co-operate and co-ordinate the Cyber Security systems including that of the private agencies. He Opened the discussion by categorizing the theme of the present Conference as follows:

 Round I: - Cyber-terrorism – Its definitions in International and Indian scenario.

  It was brought to the notice of the group that the FBI Definition of Cyber terrorism, any "premeditated, politically motivated attack against information, computer systems, computer programs, and data which results in violence against non-combatant targets by sub-national groups or clandestine agents."---thereby the three main ingredients are (1) Premeditated, (2) Politically motivated, (3) Violence.

  But this definition is insufficient for the Indian Scenario as the “Politically Motivated: ingredient to be stretched.

 Another stretched definition of cyber terrorism, is taken up -  “A criminal act perpetrated by the use of computers and telecommunications capabilities, resulting in violence, destruction and/or disruption of services, where the intended purpose is to create fear by causing confusion and uncertainty within a given population, with the goal of influencing a government or population to conform to a particular political, social or ideological agenda”

 Also the conference noted the definition given by Pakistani government,  "…any person, group or organization who, with terroristic intent utilizes, accesses or causes to be accessed a computer or computer network or electronic system or electronic device or by any available means, and thereby knowingly engages in or attempts to engage in a terroristic act."  Death penalty is  imposed by the government in case of death due to cyber terrorism.

With this background, the argument was raised on :

 (1)     The need of specific definition of cyber terrorism in Indian statutes and also what could be the main ingredient in defining the Cyber terrorism?

 (2)     Can cyber-terrorism be always linked to Physical harm or death?

 The Participants debated on the issues and the important points that came up are:

 1.       Cyber Crime and Cyber terrorism should be distinguished as there is a dividing line

2.   Cyber Terrorism can cause grave destruction like instability in e-governance, insecurity due to this instability, threat and so, cannot be linked always with death.

3.       The need of the proper definition and broad classification of the vital ingredient in cyber terrorism, “Violence” – an act of Militants, an act of Terrorist and an act of Crime need be distinguished in legal sphere.

4.       The need for specific procedural and evidential provisions in the investigation and trial of Cyber-terrorist cases. The participants also debated on diluting the Procedural provisions for cyber-terrorist cases compared to cyber –crime cases.

5.       The Participants also called for arming the enforcing agencies with special powers and debated the need of provision of S. 80 of ITA 2000 to be extendable to private areas also in case of Cyber –terrorist attacks.

 PROPOSITIONS MADE:

  1. Cyber-terrorism to be dealt separately and it is high time to define them and pass a separate statute.
  1. Need to elaborately define “violence” in the context of cyber-terrorism and to formulate specific procedures thereon and to form special agencies thereon keeping in view of the personal liberties of the common people.

Round II :- Cyber _security aspects - in the light of post 9/11 and post 26/11 scenario:

 Then the second set of discussion points were taken up on securing the cyber space. The group argued whether there is space for Cyber terrorist in cyber space and how to restrict or eradicate their virtual presence. He also discussed about the Cyber security measures taken by US aftermath 9/11 attack.

 Discussed about the working of  “Department of Homeland security” Of USA government, as an umbrella organization and their main tasks are highlighted as follows

  • coordinating the federal , state and Local government with the multiple Security agencies
  • making the security aspects of information as sharable
  • Preparing the defensive platform for the cyber terrorist attack at the national level.

 Also, the provisions of Patriotic act are discussed noting that it empowers the Government to safeguard the national security by providing appropriate tools to combat the current sophisticated techno-terrorism. With this scenario, the following lead questions are raised for debate: 

  1. Do we need an Umbrella organization in the lines of  Homeland security of USA?
  1. Do we need a statute in the lines of the Patriotic Act to combat cyber terrorism?

Debating on the issues, certain valuable facets are raised and that can be summarized as follows: 

  1. Setting Up of a special Platform for information sharing and co-ordinating with various security agencies in state levels and also with private agencies, though is a promising move, it is debated to have its own difficulties: AS in the case of Information sharing with the private agencies – the difficulties are : how cooperate are they going to be and what is the level of their disclosure not affecting their trade secrets or business reputation. This information sharing got its own advantages especially considering the National interest. But the interest of the corporate is also brought out in the debate.
  1. ISPs and Cyber cafes – the need to regulate them especially viewing them as a vulnerable platform for conducting the  Cyber -terrorist act.
  1.  By the Patriotic Act, Government are empowered to sent sponsored viruses – FBI’S magic lantern – could this kind of measures be legalized by India  Government also as part of the intelligence is debated and need for the counter-intelligence is also provoked.
  1. E-discovery of evidences and their collection and preservation is also debated.
  1. “Information security” in companies is  a major target for terrorist act and so to counter them, measures were debated and argument on the third party inspection were also considered. “Critical Infrastructure Information Act, 2002” of USA is put forth by Naavi for better understanding.

 PROPOSITIONS MADE: 

  1. A special Unit or expert Unit of Cyber security specialists are required at state level and a common platform like a Task force or agency is required to co-ordinate and co-opertae with these governmental agencies as well as the private security agencies.
  1. Information sharing is considered to be essential in order to counter the cyber-terrorist attack as well as to counter any future potential attacks. But, if this sharing to be kept in the public domain is still debated as the conference felt this should be protected especially from the knowledge of the terrorists.
  1. A separate law like USA Patriotic Act is essential in the current scenario to combat terrorism in real as well as virtual world. And a separate provision under ITA 2000 is insufficient and inappropriate also.

ROUND III:- Role of Netizens.

 Mr. Na. Vijayashankar went to the concluding round of discussion about the role of Netizens in countering the terrorism and put forth the following questions;

  1. Do Netizens have a role in combating cyber terrorism?
  1. Do netizens know what to do in case of cyber-terrorist attacks?

The participants unilaterally accepted that Netizen have a role in combating cyber terrorist attacks. The following suggestion are made

 PROPOSITIONS MADE: 

  1. In case of a suspected attack or any suspicions, reporting and sharing that informations.
  1. Creating awareness and educating the netizens about the botnets in cyberspace and making them as vigilant Netizens.
  1. Academic participation – like the Darkweb project.
  1. Media websites are basically infested websites and so need for the media to protect their sites as well the netizen to be aware of their security aspects.

OUTCOME  OF THE CONFERENCE:

Upholding the responsibility of the technical and legal wings of the Country, the Conference unanimously felt the need to form  a forum, and unilaterally declared the formation of the “National  Cyber security Forum” , and the members RESOLVED

(1)     to research, formulate and advise the government on the Cyber security issues.

(2)     Committed to safeguard the Cyberspace  from the attacks of Cyber –terrorist attacks by demanding the government for a separate Special Cyber-security Task force and a Separate statute for cyber terrorism,

(3)     TO stand by the government in achieving and furthering this goals.

  (P.S: I thank Smt Lalith Arun, Advocate, one of the participants for helping in the preparation of this report.. Naavi)

 

Visit
www.Naavi.net

Visit
www.lookalikes.in