VIF Cyber Review: January 2023
Anurag Sharma, Associate Fellow, VIF

NATIONAL

Government of India established three Grievances Appellate Committees based on IT Rules 2021.

On 28 January 2023, the Central Government set up three Grievances Appellate Committees (GACs) on the basis of Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules 2021. Each Committee will have three members in it. During the extensive public consultations on the IT Rules, the Minister of State (MoS) for Electronics & Information Technology (E&IT) and Skill Development & Entrepreneurship— Rajeev Chandrasekhar had highlighted Government’s stand on— safety and trust of every Digital Nagrik, and robust grievance redressal system to ensure accountability of all Internet platforms offering a service or product, and that all grievances must be 100% addressed.

The Grievance Appellate Committee (GAC) is a key piece of overall policy and legal framework to ensure that Internet in Bharat is open, safe & trusted and accountable. The need for GAC was created due to large numbers of grievances being left unaddressed or unsatisfactorily addressed by Internet Intermediaries. GAC is expected to create a culture of responsiveness amongst all Internet platforms and intermediaries towards their consumers. The GAC will be a platform that will operate only virtual/online— wherein the entire appeal process, from filing of appeal to the decision thereof, shall be conducted digitally.[1]

Ministry of Information and Broadcasting banned six YouTube channels for fake news

Ministry of Information and Broadcasting (I&B)’s PIB Fact Check Unit (FCU) cracked down six YouTube channels which were disseminating false information/news in Bharat. To counter the false information circulated by these channels, the FCU released six separate Twitter threads with more than 100 fact-checks. The six YouTube channels, which were discovered to be part of a coordinated disinformation network, had close to 20 lakh subscribers, and more than 51 crore people have watched the videos on these channels.

The banned YouTube channels— i) Nation TV, ii) Samvaad TV, iii) Sarokar Bharat, iv) Nation 24, v) Swarnim Bharat, and vi) Samvaad Samachar, spread news about elections in Bharat, and were part of fake news economy which thrives on monetisation of fake news. These channels used fake, and sensational thumbnail images of television news anchors of renowned TV channels to mislead viewers to believe that news was authentic and drive traffic to their respective channels to monetise the videos posted by them.[2]

SAMEER and Siemens Healthineers signed MoU on Bharat MRI Technology

On 27 January 2023, Bharat’s premier Research and Development (R&D) institute of Ministry of Electronics and Information Technology (MeitY)— SAMEER (Society for Applied Microwave Electronics Engineering & Research) signed a Memorandum of Understanding (MoU) with Siemens Healthineers in Bangalore, which will contribute towards the development of new, improved, and innovative technologies for advancing healthcare and diagnostic access in Bharat. SAMEER specialises in Radio Frequency (RF) Microwaves Radar and communication system, E3 testing and Medical Electronics a strategic partnership.

Emphasising on the “Digital India Programme”, the Minister of State for Electronics & Information Technology and Skill Development & Entrepreneurship— Rajeev Chandrasekhar said that “the MoU is a significant step in the direction of Digital India Programme. We [Bharat] are also supportive of R&D model based on co-development between global companies and Bharat’s vast network of academic institutions.” At present, SAMEER is developing IMRI (Indigenous Magnetic Resonance Imaging) technology under the Sushrut MRI (Indian MRI) system, said Shri Rajesh Harsh, who is coordinating the research in MRI and Industry ecosystem.[3]

CERT-In issued advisory on multiple vulnerabilities in Schneider Electric products

On 16 January 2023, the Indian Computer Emergency Response Team (CERT-In) issued an advisory— CIAD-2023-0002, pertains to the multiple vulnerabilities in Schneider Electric products. According to the advisory, the Schneider Electric products reported multiple vulnerabilities which could allow an attacker to execute arbitrary code, disclose sensitive information, bypass security restrictions or cause denial of service condition on the target system. Schneider Electric’s affected products included— EcoStruxure Machine Expert, EcoStruxure Geo SCADA Expert and Operation, EcoStruxure Power SCADA, EcoStruxure Power Operation, EcoStruxure Control Expert, EcoStruxure Process Expert, and Modicon.[4]

MeitY requested comments from stakeholders and the general public on proposed changes to the IT Rules

On 19 January 2023, the Ministry of Electronics and Information Technology (MeitY) invited suggestions and comments from stakeholders and the general public on the proposed amendment to rule 3(1)(b)(v) of the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 (“IT Rules”) with respect to obligations of social media and other intermediaries regarding sharing. This was done in order to fulfil the commitment to ensure an open, safe, trusted, and accountable Internet for citizens.
“The draft amendments to IT Rules are in pursuance of our commitment to an Open, Safe & Trusted and Accountable Internet. We have circulated amendments for consultation with stakeholders. As is the practice meticulously followed by Govt. these amendments will also be put through open consultations - to reflect, discuss and deliberate on these amendments or any other such effective means through which we can prevent misinformation/patently wrong information circulated on the Internet by State/Non-State actors,” said the Minister of State (MoS) for Electronics and Information Technology— Rajeev Chandrasekhar.[5]

CERT-In issued advisory on multiple vulnerabilities in Microsoft products.

On 11 January 2023, the Indian Computer Emergency Response Team (CERT-In) issued an advisory— CIAD-2023-0001, regarding multiple vulnerabilities in Microsoft products, including Windows, Office, SharePoint, and Azure. These vulnerabilities could allow an attacker to gain elevated privileges, obtain confidential/sensitive information, and conduct remote code execution attacks, conduct spoofing attacks, or cause denial of service conditions.[6]

CERT-In also suggested to apply appropriate security updates as provided at: https://msrc.microsoft.com/update-guide/releaseNote/2023-Jan

INTERNATIONAL

EU and US to sign first-of-its-kind AI agreement

The European Union (EU) and the United States (US) announced an agreement on January 27, 2023, to accelerate and improve the use of Artificial Intelligence (AI) to improve agriculture, healthcare, emergency response, climate forecasting, and the electric grid. According to a senior US administration official (on the basis of anonymity), earlier agreements on the same issue had been limited to specific areas such as enhancing privacy. AI modelling/Machine Learning (ML) algorithms which use data to make logical decisions could be used to improve the speed and efficiency of government operations and services. As per the agreement, all of the data would be harnessed into a common AI model that would produce better results for managers, grid operators and others depending on AI during emergency scenarios.[7]

Pakistan investigated if nationwide blackout was due to cyber-attack

Pakistani authorities conducted investigation on a possible cyber-attack causing a nationwide power blackout. On 24 January 2023, Pakistan’s Energy Minister— Khurram Dastgir informed that “there was a remote chance of the incident caused by hackers. The power across nation was fully restored within 24 hours. Also, a committee investigating what had caused the outage had been established by Pakistan’s Prime Minister Shehbaz Sharif.” Power outages have become a common occurrence in South-Asia in recent years.

“When the systems were turned on at 7:30am (PST) one by one, frequency variation was reported in the southern part of the country between Jamshoro and Dadu. There was a fluctuation in voltage and power generating units were shut down one by one due to cascading impact,” said Minister Dastgir.[8]

US Senator wants to ban TikTok nationwide

On 24 January 2023, Josh Hawley, a US Republican Senator, said that he would introduce a Bill to ban TikTok in the United States. TikTok a sister company of ByteDance already facing a ban that would stop federal employees from using or downloading TikTok on government-owned devices. However, Senator Hawley did not mention when the Bill would be introduced. “TikTok is China’s backdoor into Americans’ lives. It threatens our children’s privacy as well as their mental health. Now I will introduce legislation to ban it nationwide,” posted Senator Hawley on his Twitter account.[9]

“China can spy on us via smart bulbs and fridges”: report by OODA

According to a report prepared by former diplomat Charles Parton at the Washington-based consultancy firm OODA (Observe, Orientate, Decide, Act), China has the potential to spy on millions of people in the United Kingdom via microchips in cars, household appliances, and light-bulbs. According to the report, small modules, such as cellular IoTs (Internet of Things) gather data and transmit it via 5G networks, giving Chinese authorities intelligence and the ability to track people and businesses. Three Chinese companies, Quectel, Fibocom, and China Mobile, control 54% of the global smart device market. The UK government stated in 2020 that it would remove Huawei technology from Britain's mobile infrastructure by 2027 due to spying concerns.[10]

Endnotes :

[1] “Three Grievance Appellate Committees (GACs) notified on the recently amended IT rule”, Press Information Bureau-Ministry of Electronics and IT, 28 January 2023. Accessed on 08 February 2023, available from: https://pib.gov.in/Pres sReleseDetail.aspx?PRID=1894258
[2] “Ministry of I&B cracks down on fake news peddling YouTube channels”, Press Information Bureau- Ministry of Information & Broadcasting, 12 January 2023, accessed on 12 January 2023, available from: https://pib.gov.in/PressReleasePage.aspx?PRID=1890650
[3] “MeitY’s R&D Institute SAMEER signs MoU with Siemens Healthineers on India MRI technology - a milestone in creating a Deeptech health care R&D and Supply Chain ecosystem”, 27 January 2023, accessed on 02 February 2023, available from: https://pib.gov.in/PressReleasePage.aspx?PRID=1894162
[4] “CERT-In Advisory CIAD-2023-0002”, CERT-In, 16 January 2023, accessed on 18 January 2023, available from: https://www.cert-in.org.in/
[5] “MeitY invites comments from stakeholders and general public on amendment proposed to ‘IT Rules’”, Press Information Bureau-Ministry of Electronics and IT, 19 January 2023, accessed on 21 January 2023, available from: https://pib.gov.in/PressReleasePage.aspx?PRID=1892241
[6] “CERT-In Advisory CIAD-2023-0001”, CERT-In, 11 January 2023, accessed on 13 January 2023, available from: https://www.cert-in.org.in
[7] Reuters. “US and EU to launch first-of-its-kind artificial intelligence agreement”, ET Telecom, 28 January 2023, accessed on 03 February 2023, available from: https://telecom.economictimes.indiatimes.com/news/us-and-eu-to-launch-first-of-its-kind-artificial-intelligence-agreement/97394092
[8]Martin, Alexander. “Pakistani authorities investigating if cyberattack caused nationwide blackout”, The Record, 24 January 2023, 03 February 2023, available from: https://therecord.media/pakistani-authorities-investigating-if-cyberattack-caused-nationwide-blackout/; Hussain, Abid. “Pakistan hit by nationwide power outage after grid failure”, al Jazeera, 24 January 2023, accessed on 04 February 2023, available from: https://www.aljazeera.com/news/2023/1/23/pakistan-hit-by-nationwide-power-outage-after-grid
[9]Reuters. “US Senator Josh Hawley wants to ban TikTok nationwide”, Reuters, 25 January 2023, accessed on 04 February 2023, available from: https://www.reuters.com/world/us/us-senator-josh-hawley-wants-ban-tiktok-nationwide-2023-01-24
[10]Busby, Dolly. “The new cold war? China could be spying on us through domestic appliances such as the fridge, report warns”, The Daily Mail, 23 January 2023, accessed on 04 February 2023, available from: https://www.dailymail.co.uk/news/article-11668331/China-spying-domestic-appliances-fridge-report-warns.html

Contact Us