Dr. Neelatphal Chanda, Aparna Vats
India’s ambitious ‘Digital India’ initiative, launched in 2015, aimed to enhance technological infrastructure and provide virtual accessibility to its citizens. However, enabling seamless connectivity without ensuring security from anonymity, digital literacy, and alternatives in a democracy is a systemic fallacy. The world, quite literally, came face to face with death when the ‘Blue Screen of Death’ showcased on their Microsoft run systems on July 19.
The cybersecurity software program CrowdStrike Falcon Sensor faced a critical error during its regular update. The error was detected early, but reversing all the updates, reviving a shutdown system, and ensuring error-free system functioning took hours to mend. While Elon Musk strategically used this outrage to mock his rival by retweeting an old Indian meme showing how the taxpayer’s money was going to waste, sectors such as healthcare, transportation, banking, finance, Information Technology, industry, and even government machinery stopped.
The positive outcome of this failure is the beginning of a discourse that challenges the over-reliance on information-abundant technologies operating anonymously without adequate alternatives acting as safeguards. The importance of having a global standard, appropriate business processes and resilience in place to ensure that such inevitable outrages do not end up crippling sectors is being vocalized internationally.
Moreover, the onus is upon Microsoft to share the complete details of the happenings to prevent or counter possible future repetition. However, nationally, citizens question the lack of effective alternatives and dependency on the West in the technological sector. The Indian IT Industry accounts for US $124.7 billion market size per India Brand Equity Foundation (IBEF) in 2023 and expects the software product industry to reach US $100 billion by 2025.
A study by Gartner expects a double-digit growth rate of 13.2% this year, with spending projected to touch US $138.9 billion. The same study projects that Artificial Intelligence (AI) servers will command 60% of total server spending by hyperscalers. India adopted the ?10,372 crore AI Mission called PM-STIAC ‘to complement and supplement human intelligence and improve how people live and work.’ The country has been ranked as a Global Leader in AI Skill Penetration per the Stanford AI Index 2023. But as the saying goes, “With great success comes great responsibility.”
While this was a traditional cyber attack, which is caused by human error in coding or ‘bugs’, AI attacks are caused by limitations in the algorithm itself that cannot be fixed at the moment. Data itself can be weaponized, and as per the Belfer Center of Harvard Kennedy School, five domains, including content filters, military, law enforcement, civil society and the growing trend of replacing human-based tasks with AI, are the most vulnerable.
A recent example is former Minister of State for Electronics and Information Technology Rajeev Chandrashekhar’s allegation on Google for violating Rule 3(1)(b) of the IT Rules, 2021 and several provisions of the Criminal Code when its automated chatbot, Gemini AI, gave a controversial reply to a question asking if Prime Minister Narendra Modi was a fascist. The downfall of the ‘putting all eggs in one basket’ approach was escaped by Russia and China due to their self-sufficient cyber operating systems. While the former thanks the G-7 for its sanctions, the latter boasts of its self-reliance.
China issued a directive in 2023 that warned firms against using ChatGPT products, and Google imposed self-restriction on the Bard in response to political questions regarding the Russian President. Even the Russia-Ukraine conflict was not spared by the menace of AI when a deepfake video of Ukrainian President Volodymyr Zelensky announcing surrender circulated on Meta and YouTube and had to be taken down. Globally, 70-75% of working operations depend upon Microsoft Windows, followed by Apple’s Mac OS, which requires purchasing Apple devices. Chrome OS is a recent entrant. India’s booming IT industry does not face a lack of alternatives, but it does face commercialisation.
IIT Madras’ closed source mobile-OS BharOS, Centre for Development of Advanced Computing’s (C-DAC) Linux and MayaOS by the Ministry of Defence in collaboration with C-DAC, DRDO (Defence Research and Development Organisation) and NIC (National Informatics Centre) are examples of secure indigenous substitutes. It is time to remember the earliest initiative of this government, ‘Make in India’, as without it ‘Atmanirbhar Bharat’ or the vision of ‘Self-Reliant India’ cannot be achieved. This outrage is also a sombre reminder of how technologically vulnerable our sectors rely on automated pre-coded systems.
As may as 283 flights operated by Akasa Air, Indigo, Air India, SpiceJet, etc., got cancelled as the otherwise robust aviation industry relies heavily upon the GPS (Global Positioning System). Some users reported an irretrievable loss of information and a persistent need to restart cycles, hampering productivity. Max Healthcare had to switch to manual operations while other private hospitals faced glitches. Government hospitals such as AIIMS remained unaffected as they use their local servers, but one cannot forget the two cyber attacks on AIIMS in 2023, which compromised 81.5 million individuals’ personal information by risking its misuse for malicious purposes.
Earlier this year, CERT-In reported that 373 government websites were hacked between 2018-2023. The committee on “Digital Payment and Online Security Measures for Data Protection” cited how using outdated Windows in official devices made government offices susceptible to such attacks. Dissenting in the landmark ‘Aadhaar Judgement’ of 2018, current Chief Justice of India, D.Y. Chandrachud, had held, “Constitutional guarantees cannot be compromised by vicissitudes of technology.”
Signaling potential for surveillance and leakage of databases, he noted the absence of safeguards and informed consent. His concern about the denial of social welfare was evident when MGNREGA workers protested against the digitisation of attendance records last year as lack of internet connectivity and the mandated requirement to post real-time geotagged pictures from the worksites raised concerns regarding failure to give the rightful remuneration due to record failure.
Conclusively, the psychological detriment of this saturation, dependency and reliability on our devices must also be questioned. In this age of technology-driven communication, our ability to create a ‘Public Sphere’ as Jurgen Habermas proposed in 1991, and our personal information are both at risk of being compromised.
Dr. Neelatphal Chanda teaches Media Studies at Christ University, Bangalore. Aparna Vats is a Media Studies student at the same university.