A cyber or cybersecurity threat is a malicious act that seeks to damage data, steal data, or disrupt digital life in general. It also refers to the possibility of a successful cyber attack that aims to gain unauthorized access, damage, disrupt, or steal an information technology asset, computer network, intellectual property or any other form of sensitive data. 

Today’s cybercrime landscape is diverse. Cyber threats can come from within an organization by trusted users or from remote locations by unknown parties.

Some common cyber threats include:

• Malware: Malware is software that does malicious tasks on a device or network such as corrupting data or taking control of a system.
  
  
• Spyware: Spyware is a form of malware that hides on a device providing real-time information sharing to its host, enabling them to steal data like bank details and passwords.
  
  
• Phishing attacks: Phishing is when a cybercriminal attempts to lure individuals into providing sensitive data such as personally identifiable information (PII), banking and credit card details and passwords.
  
  
• Distributed denial of service (DDoS) attacks: It aims to disrupt a computer network by flooding the network with superfluous requests to overload the system and prevent legitimate requests being fulfilled.
  
  
• Ransomware: Ransomware is a type of malware that denies access to a computer system or data until a ransom is paid.
  
  
• Trojans: A trojan creates a backdoor in your system, allowing the attacker to gain control of your computer or access confidential information.
  
  

Cyber attack is a particularly major threat to sectors identified under Critical Information Infrastructure (CII) that include financial systems, air traffic control and telecommunications.

It involves Intellectual property theft, theft of money, data manipulation and data destruction etc.

Challenges

• Increased use of mobile technology and the internet by people.
  
  
• Proliferation of Internet of Things (IoT) and lack of proper security infrastructure in some devices.
  
  
• Cyberspace has inherent vulnerabilities that cannot be removed.
  
  
• Internet technology makes it relatively easy to misdirect attribution to other parties.
  
  
• It is generally seen that attack technology outpaces defence technology.
  
  
• Lack of awareness on Cyber security.
  
  
• Lack of Cyber security specialists.
  
  
• Increased use of cyberspace by terrorists.
  
  

The Indian government has also been aggressively addressing the rising prevalence of cyber threats. India has ranked 47 out of 165 nations on the Global Cybersecurity Index 2018, released by the International Telecommunication Union. This shows India’s commitment to cybersecurity.

Steps taken by Government:

• National Cyber Security Policy 2013 has been framed to create a secure cyber ecosystem, ensure compliance with global security systems and strengthen the regulatory framework.
  
  
• National Computer Emergency Response Team (CERT-in) functions as the nodal agency for coordination of all cyber security efforts, emergency responses, and crisis management.
  
  
• Cyber Surakshit Bharat Initiative: It was launched in 2018 with an aim to spread awareness about cybercrime and building capacity for safety measures for Chief Information Security Officers (CISOs) and frontline IT staff across all government departments.
  
  
• National Cyber security Coordination Centre (NCCC): In 2017, the NCCC was developed. Its mandate is to scan internet traffic and communication metadata (which are little snippets of information hidden inside each communication) coming into the country to detect real-time cyber threats.
  
  
• Cyber Swachhta Kendra: In 2017, this platform was introduced for internet users to clean their computers and devices by wiping out viruses and malware.
  
  
• Information Security Education and Awareness Project (ISEA)– raises awareness and provides research, education and training in the field of Information Security. 
  
  

The need of the hour for Indian government is to develop core skills in cyber security, data integrity and data security fields while also setting stringent cyber security standards to protect banks and financial institutions. Adequate funding should be provided for strategic research and development. India must enhance its technological and investigative capabilities.