IAS Gyan

Daily News Analysis

COWIN DATA LEAK

13th June, 2023 POLITY AND GOVERNANCE

Context: The CoWIN portal, which is used by millions of Indians to register for COVID-19 vaccination, has been in the spotlight recently after reports of a data breach by a Telegram bot.

Details

  • The bot allegedly shared the personal information of vaccinated people, such as their name, Aadhaar and passport numbers, when their phone number was entered.
    • A bot is a software application that runs automated tasks over the Internet, usually with the intent to imitate human activity on the Internet, such as messaging, on a large scale.
  • The government has denied any direct breach of the CoWIN app or database and said that the data was obtained from previously breached databases by a threat actor.

What is CoWIN and how does it work?

  • CoWIN is a digital platform developed by the Union Ministry of Health and Family Welfare to facilitate the registration and verification of COVID-19 vaccination in India. It stands for COVID Vaccine Intelligence Network and is integrated with the Aarogya Setu app.
  • CoWIN allows users to book vaccination slots, download vaccination certificates, and access other related information.
  • To register on CoWIN, users have to provide their mobile number and valid identity proof, such as Aadhaar, PAN, passport, voter ID, or driving license. They also have to enter their year of birth and gender.
    • After registration, users receive an OTP on their mobile number to verify their identity and access their dashboard. Users can register up to four beneficiaries with the same mobile number.

Access to third-party applications

  • CoWIN provides access to third-party applications that have been authorised by the government to use its APIs (application programming interfaces). APIs are a set of rules that allow two applications to communicate and share data.
    • For example, some private hospitals and online platforms use CoWIN APIs to offer vaccination booking services to their customers.
  • However, these third-party applications can only access the personal data of vaccinated people after OTP authentication.

What is a Telegram bot and how did it leak CoWIN data?

  • A Telegram bot is an automated account that can perform various tasks on the messaging platform Telegram. For example, some bots can send news updates, weather forecasts, or trivia quizzes to users who interact with them.
  • According to reports, a Telegram bot was allegedly sharing the personal data of CoWIN users when their phone number was entered. The bot showed the name of the user, the government ID they used for vaccination, and where they got vaccinated. The bot also revealed all the beneficiaries registered with the same phone number.

Government response

  • The source of the data leak is not clear yet, but the government has claimed that it did not come from CoWIN directly. Instead, it said that the data was sourced from previously breached databases by a threat actor. A threat actor is a malicious entity that tries to exploit vulnerabilities in systems or networks to steal or damage data.
  • The government also said that CoWIN has three levels of data access:
    • User-level access through OTP authentication.
    • Vaccinator-level access through authorised login.
    • Third-party application-level access through authorised APIs.
  • It claimed that without an OTP, data cannot be shared with the Telegram bot.

Concern

  • Some experts have raised doubts about the government's claims and said that CoWIN may have had some security flaws that allowed the data to leak.
  • Experts have pointed out that CoWIN does not use end-to-end encryption or the HTTPS protocol for data transmission, which makes it vulnerable to interception or manipulation by hackers.

What are the consequences of the data leak?

  • The data leak poses a serious threat to the privacy and security of CoWIN users.
  • The personal information leaked by the Telegram bot can be used for identity theft, fraud, phishing, spamming, or harassment. It can also expose users to targeted attacks based on their vaccination status or location.
  • The data leak can undermine public trust in CoWIN and affect the vaccination drive in India. Many people may be reluctant to register on CoWIN or share their details if they fear that their data may be compromised or misused.

How can users protect themselves from data breaches?

Users can take some steps to protect themselves from data breaches and safeguard their privacy and security online. Some of these steps are:

  • Use strong passwords and change them regularly.
  • Enable two-factor authentication for online accounts.
  • Avoid clicking on suspicious links or attachments in emails or messages.
  • Check the URL and certificate of websites before entering personal or financial information.
  • Review the privacy policies and permissions of apps before using them.
  • Be careful about what you share on social media or public platforms.
  • Report any suspicious or fraudulent activity to the authorities.

Securing Cyberspace

  • Cyberspace is the virtual environment where people interact through digital networks. It encompasses the internet, computer systems, software, data and devices.
  • Cyberspace is an integral part of our modern society, as it enables communication, education, entertainment, commerce, innovation and more.

Concern

  • Cyberspace also poses various risks and threats to its users and infrastructure.
  • Cyberattacks, cybercrime, cyberwarfare, cyberterrorism and cyberespionage are some of the malicious activities that can compromise the security, privacy and integrity of cyberspace.
  • These activities can have serious consequences for individuals, organizations, governments and nations.

Therefore, securing cyberspace is a vital and urgent task for all stakeholders involved in cyberspace. Securing cyberspace means protecting its availability, confidentiality and authenticity from unauthorized access, use, modification or destruction. Securing cyberspace also means ensuring its resilience and recovery from potential incidents or disruptions.

Features of Securing Cyberspace

A complex and dynamic process

  • Securing cyberspace is a complex and dynamic process that requires constant monitoring, assessment and adaptation to the changing threats and technologies.
  • For example, securing cyberspace requires updating security software and hardware regularly, conducting vulnerability assessments and audits periodically, and implementing security patches and fixes promptly.

A collaborative and cooperative effort

  • Securing cyberspace is a collaborative and cooperative effort that involves multiple actors from different sectors, domains and levels.
  • For example, securing cyberspace requires coordination and cooperation among government agencies, private sector entities, civil society organizations, academic institutions and international organizations.

Multidisciplinary and multifaceted work

  • Securing cyberspace is multidisciplinary and multifaceted work that requires technical, legal, ethical, social and political solutions.
  • For example, securing cyberspace requires developing and applying encryption and authentication techniques, enforcing and harmonizing cyber laws and regulations, promoting and respecting cyber ethics and norms, raising and addressing cyber awareness and literacy issues, and engaging and influencing cyber decision-makers and stakeholders.

Global and regional challenges

  • Securing cyberspace is a global and regional challenge that requires international and regional cooperation and coordination.
  • For example, securing cyberspace requires establishing and participating in global and regional cyber forums and platforms such as the United Nations Group of Governmental Experts on Advancing Responsible State Behaviour in Cyberspace in the Context of International Security (UNGGE), the Global Forum on Cyber Expertise (GFCE), the Association of Southeast Asian Nations (ASEAN) Regional Forum on Cybersecurity Cooperation (ARF), etc.

Significance of Securing Cyberspace

Enhances trust and confidence

  • Securing cyberspace enhances the trust and confidence of users and providers of cyberspace services and products. For example, securing cyberspace increases customer satisfaction and loyalty, reduces operational costs and risks, improves reputation and credibility, etc.

Supports the development and growth

  • Securing cyberspace supports the development and growth of the digital economy and society. For example, securing cyberspace facilitates e-commerce transactions and online payments, enables e-government services and e-learning opportunities, fosters innovation and entrepreneurship, etc.

Safeguards human rights

  • Securing cyberspace safeguards the human rights and freedoms of cyberspace users. For example, securing cyberspace protects personal data and privacy, ensures freedom of expression and access to information, prevents online harassment and discrimination, etc.

Contributes to security and stability

  • Securing cyberspace contributes to national and international security and stability. For example, securing cyberspace prevents and mitigates cyberattacks and cyberconflicts, deters and combats cybercrime and cyberterrorism, enhances and maintains cyber deterrence and defence, etc.

Some of the challenges are:

Asymmetry and anonymity of cyber threats

  • Securing cyberspace faces the asymmetry and anonymity of cyber threats and actors. For example, securing cyberspace deals with the low cost and high impact of cyberattacks, the difficulty and uncertainty of attribution and accountability, the diversity and unpredictability of motives and intentions, etc.

Diversity and disparity of cyber laws and regulations

  • Securing cyberspace encounters the diversity and disparity of cyber laws and regulations across different jurisdictions. For example, securing cyberspace faces the lack of consensus and compatibility on cyber norms and standards, the gap between domestic and international law on cyber issues, the challenge of extraterritoriality and jurisdiction in cyberspace, etc.

Scarcity and disparity of cyber resources

  • Securing cyberspace struggles with the scarcity and disparity of cyber resources and capabilities across different regions. For example, securing cyberspace suffers from the shortage of skilled and qualified cyber professionals, the unequal distribution of cyberinfrastructure and technology, the imbalance of cyber power and influence, etc.

Tensions between security and other values

  • Securing cyberspace involves trade-offs and tensions between security and other values such as privacy, innovation and openness. For example, securing cyberspace means balancing the need for encryption and the demand for lawful access, the desire for innovation and the concern for security risks, the aspiration for openness and the requirement for security controls, etc.

Securing cyberspace requires a comprehensive and holistic approach that addresses all aspects of cyberspace security. Some of the possible ways forward are:

Developing effective cyber policies

  • Developing and implementing effective cyber policies and strategies at national, regional and international levels. For example, securing cyberspace requires formulating and executing clear and coherent cyber visions and goals, defining and assigning roles and responsibilities of cyber actors, allocating and managing cyber resources and budgets, etc.

Establishing and strengthening cyber norms

  • Establishing and strengthening cyber norms and rules of behaviour for responsible state and non-state actors in cyberspace. For example, securing cyberspace requires agreeing and adhering to voluntary and binding cyber principles and guidelines, developing and applying confidence-building measures and mechanisms, resolving and preventing cyber disputes and conflicts, etc.

Enhancing cyber awareness

  • Enhancing cyber awareness and education among all stakeholders in cyberspace. For example, securing cyberspace requires informing and educating users and providers of cyberspace services and products about cyber threats and best practices, developing and delivering cyber curricula and training programs, creating and disseminating cyber awareness campaigns and materials, etc.

Building and maintaining cyber capabilities

  • Building and maintaining cyber capabilities and capacities for prevention, detection, response and recovery from cyber incidents. For example, securing cyberspace requires designing and deploying secure cyber systems and networks, establishing and operating cyber incident response teams and centres, conducting and participating in cyber exercises and simulations, etc.

Promoting cyber cooperation and collaboration

  • Promoting cyber cooperation and collaboration among all stakeholders in cyberspace. For example, securing cyberspace requires sharing and exchanging cyber information and intelligence, providing and receiving cyber assistance and support, partnering and networking with cyber allies and partners, etc.

Conclusion

  • Cyberspace is not a static or fixed domain, but a dynamic and evolving one that requires constant vigilance and collaboration from all its stakeholders. Securing cyberspace is not an easy or one-time task. It is an ongoing and shared responsibility for all stakeholders in cyberspace, including governments, businesses, organizations, and individuals. They all have a role to play in ensuring the safety, reliability, and resilience of this vital domain that supports our social, economic, and political activities. To achieve this goal, we need to adopt a comprehensive and holistic approach that addresses the technical, legal, ethical, and cultural aspects of cyberspace security.

PRACTICE QUESTION

Q. India is one of the fastest-growing digital economies in the world, with more than 800 million internet users and a booming digital ecosystem. How can India secure its cyberspace and protect the privacy and security of its people in the face of growing cyber threats and vulnerabilities? What are the key challenges and opportunities for India in developing a robust and resilient cyber strategy?

https://indianexpress.com/article/explained/explained-sci-tech/cowin-data-leak-why-the-govt-statement-raises-more-questions-than-it-answers-8659412/