http://www.thejournalshouse.com/index.php/electronics-engg-technology-adr/issue/feedJournal of Advanced Research in Electronics Engineering and Technology2025-10-10T09:38:15+00:00ADR Publicationsinfo@adrpublications.inOpen Journal Systemshttp://www.thejournalshouse.com/index.php/electronics-engg-technology-adr/article/view/1627Strengthening OT Networks in Critical Infrastructure: A Comprehensive Cybersecurity Strategy Leveraging Trojan Hunt India’s Data Diode and Threat Monitoring (InSKIA and OT SOC)2025-08-18T15:50:52+00:00Kunal Sharmakunal@trojanhuntindia.com<p>Operational Technology (OT) networks form the backbone of critical infrastructure, yet they face escalating cybersecurity threats due to growing convergence with IT systems, reliance on legacy technologies, and inadequate protective measures. This capstone explores these vulnerabilities, evaluates recent cyber incidents, and proposes a comprehensive, practical cybersecurity framework integrating Trojan Hunt India’s Data Diode technology, InSkia Dark Web Monitoring & OT SOC Threat Monitoring. The project highlights weaknesses in traditional firewalls—particularly their susceptibility to recent remote code execution (RCE) exploits—and underscores the value of physical-layer security and proactive threat monitoring.</p>2025-08-18T00:00:00+00:00Copyright (c) 2025 Journal of Advanced Research in Electronics Engineering and Technologyhttp://www.thejournalshouse.com/index.php/electronics-engg-technology-adr/article/view/1380Cyber Security Assessment: A Case Study of Smart Metering Infrastructure2025-08-18T15:08:08+00:00Zeeshan KhanZeeshan_it@yahoo.com<p>The Smart Metering Infrastructure (SMI) is a paradigm shift from the traditional meters providing real time connectivity between consumer to grid, which poses a critical challenge to ensure cybersecurity. The complexity and heterogeneity of SMI create an uphill task to design a uniform solution to address various cyberattacks. 
The security of SMI should be viewed holistically keeping in purview the network, physical meter, database, application etc. Although most of the international standards and guidelines are adhered to, during actual implementation deviations are common wherein the local guidelines take preference, i.e. Central Electricity Authority (CEA) in the case of India. Due to many reasons such as supply chain risks or unavailability of resources, the SMI may not be equipped with the best protection measures, which may result in national crisis when seen at a larger scale. The study aims to provide an assessment of the cybersecurity posture of SMI along with measures/recommendations to make it cyber resilient.</p>2025-08-18T00:00:00+00:00Copyright (c) 2025 Journal of Advanced Research in Electronics Engineering and Technologyhttp://www.thejournalshouse.com/index.php/electronics-engg-technology-adr/article/view/1629Barriers to the protection of patient data and the need for immediate action in light of recent data breach incidents in India2025-08-19T06:02:36+00:00Shashank ChaturvediShashanksvits@yahoo.com<p>In Oct 2024, India’s popular health insurer, Star Health Insurance, faced a massive data leak, which may have compromised the data of 31 million customers. It included names, addresses, dates of birth, health records, Aadhaar card details, and even PAN card photos. It was one of the many data breaches related to patients’ data in the recent past. The DPDP Act was passed on August 11, 2023, after five years of legislative development in light of data breaches. It still awaits the formation of the Data Protection Board of India. This Board will be an enforcement authority, ensuring compliance with the provisions of the Act. Until then, the Act remains unenforceable. DPDP adopts a holistic approach to protecting personal data. 
In this paper, the factors contributing to the barriers to protecting patients’ data have been explored by analysing the global regulations, laws, or provisions and mapped in the Indian context by examining the expanding digital healthcare footprint in terms of various schemes and initiatives. The paper explores the primary factors as bureaucratic challenges, highlighting that the Digital Healthcare Information Security Act (DISHA) draft was released in 2018; however, it has still not been enacted, considering precedence to DPDP. The second factor is the scoping of the DPDP itself & challenges concerning the emerging technologies that do not categorise patients’ data as “sensitive personal data,” which has a higher threshold than regular consent, requiring a specialised focus on patients’ data. The third factor lies in the societal state, highlighted by the lack of awareness about data privacy rights. Finally, the fourth factor explores the complex regulatory ecosystem wherein no single, holistic law covers health data protection in India, especially considering emerging technologies such as AI and blockchain. The need for a harmonised and coherent approach to data privacy has been highlighted as a recommendation in the paper.</p>2025-08-19T00:00:00+00:00Copyright (c) 2025 Journal of Advanced Research in Electronics Engineering and Technologyhttp://www.thejournalshouse.com/index.php/electronics-engg-technology-adr/article/view/1632Cybersecurity issues in Cellular Technology2025-08-19T04:40:57+00:00Gaurav Mahajansr1855@gmail.com<p>This whitepaper aims to provide an in-depth analysis of implementing Zero Trust solution with cellular devices with different solution vendors available today. 
It covers the fundamental principles of Zero Trust, its relevance to SIM security, and the importance of Zero trust Cellular solutions. <em>Additionally, it addresses the benefits and challenges associated with this integration.</em></p>2025-08-19T00:00:00+00:00Copyright (c) 2025 Journal of Advanced Research in Electronics Engineering and Technologyhttp://www.thejournalshouse.com/index.php/electronics-engg-technology-adr/article/view/1641Cybersecurity Skill Gap in India2025-08-19T08:30:38+00:00Abhishek Tripathiabhishek.tripathi@hotmail.com<p>Cybersecurity is a challenge that the world is dealing with, and at the pace and scale at which the adversaries are advancing, the cybersecurity skill gap is the biggest menace the enterprises and the countries are facing. India, however, is in a unique position to find “Aapda Mein Avsar” (opportunity in adversity) with its young and educated workforce. India is at the curb to solve this problem for both itself and the world. This review examines the consequence of the lack of appropriate cybersecurity education and workforce readiness to encash these opportunities by identifying the gaps and addressing them with the possible solutions. This review paper scours through the existing literature looking for the gaps in the existing structure and explores the strategies to mitigate them. It also reviews various approaches to bridge this gap through industry collaboration, gamification and inclusivity.</p>2025-08-19T00:00:00+00:00Copyright (c) 2025 Journal of Advanced Research in Electronics Engineering and Technologyhttp://www.thejournalshouse.com/index.php/electronics-engg-technology-adr/article/view/1633From Legacy Threats to Modern Risks – Building a Cybersecurity Framework for Sporting Events2025-08-19T05:00:51+00:00Priyanka Nambissanpriyankawrites@gmail.com<p>The increase of digital technologies and raising connexion of operational infrastructures within sporting events have rendered cybersecurity a paramount concern. 
As the landscape of sporting events continues to evolve, so too does the imperative for robust cybersecurity measures. With the integration of technology into various facets of sporting activities—including ticket sales, complex digital supply chains, and interconnected infrastructures - the risk of cyber threats to athletes, fans, and organizations has escalated. This paper provides a comprehensive review of existing cybersecurity frameworks applicable to sporting events, while emphasizing the challenges posed by emerging threats. We discuss the necessity for continuous review, adaptation, and integration of advanced technologies such as threat intelligence, dynamic monitoring, and resilience engineering to counter evolving cyber risks. In doing so, we synthesize research findings from multiple studies that highlight the dynamic nature of cyber threats and propose adaptive solutions critical for safeguarding sporting events and propose a robust framework tailored for enhancing security in this unique sector.</p>2025-08-19T00:00:00+00:00Copyright (c) 2025 Journal of Advanced Research in Electronics Engineering and Technologyhttp://www.thejournalshouse.com/index.php/electronics-engg-technology-adr/article/view/1631Next-Gen Bio-Implant Ecosystem for Secure Living: Real-Time Medical Access and Criminal Monitoring2025-08-19T09:08:53+00:00Arun Smvhbugs@gmail.com<p>Bio-implant technology is revolutionising the fields of security, healthcare, and automation. This research investigates the dual-frequency NExT RFID + NFC Chip—which combines a 13.56 MHz NTAG216 (ISO14443A) and a 125 kHz T5577 (EM41xx/HID compatible) component—for advanced multi-factor authentication (MFA), IoT integration, criminal tracking, and emergency medical data access. By conducting extensive experimental evaluations and testing, this study assesses the technical feasibility, performance, and security implications of bio-implant technology. 
Detailed comparative analyses, real-world use case evaluations, and forward-looking discussions on regulatory and ethical issues are presented.</p>2025-08-19T00:00:00+00:00Copyright (c) 2025 Journal of Advanced Research in Electronics Engineering and Technologyhttp://www.thejournalshouse.com/index.php/electronics-engg-technology-adr/article/view/1635Securing Generative AI Applications2025-08-19T05:15:56+00:00Neehar Pathareneehar.pathaxre@63sats.com<p>Generative Artificial Intelligence (AI) systems, especially large language models (LLMs), are redefining technology across domains – from content creation to decision support – but they also introduce critical security challenges. This literature review synthesises findings from twenty recent studies to survey major security concerns in generative AI and the countermeasures proposed to address them. Key issues include the generation of false or misleading content (“hallucinations”) that undermine accuracy, privacy leakage through memorisation of sensitive training data, prompt injection and “jailbreak” attacks that bypass model safeguards, and users’ overreliance on AI outputs despite potential errors. Furthermore, generative AI can be maliciously exploited for phishing, malware development, misinformation, and other cyberattacks. When integrated into real-world applications, LLMs present new vulnerabilities, from insecure plugin interfaces to unsafe handling of model outputs leading to injection flaws. We categorize these threats and examine defensive strategies from the literature, including alignment techniques to reduce toxic and incorrect outputs, privacy-enhancing methods (differential privacy, data governance) to curb leakage, robust prompting guidelines and filters to resist injection, and frameworks for human-AI collaboration and oversight in high-stakes uses. 
By drawing on a comprehensive set of academic and industry studies, this review highlights emerging best practices and research directions for securing generative AI applications against both technical and human-centric vulnerabilities.</p>2025-08-19T00:00:00+00:00Copyright (c) 2025 Journal of Advanced Research in Electronics Engineering and Technologyhttp://www.thejournalshouse.com/index.php/electronics-engg-technology-adr/article/view/1393Studying the use cases of Vision AI in detecting QR Code Phishing2025-08-18T16:05:17+00:00Shalabh Pradhanshalabh789@gmail.com<p>This paper dives into the current widespread use of QR codes in our everyday lives. QR codes have been instrumental in disseminating information in the digital age and more so in the mobile era. There are multiple use cases ranging from sharing the Local Wifi to making digital payments. As such, QR Codes are a short, easy to add and convenient way to collect payments, share feedback or make your favorite music player play music. This has also led to multiple attack paths and has created a cybersecurity attack vector that is difficult to catch and has potential to cause disruption in our current techno-business stack. On the other hand, the exponential rise of AI use cases to solve complex problems (including its use cases in Cybersecurity domain) has been impressive. In this study we will take a closer look at QR Codes, their use cases and potential attack vectors. 
We will then document the use cases to use Vision AI to prevent QR code attacks especially those that are phishing related attacks.</p>2025-05-03T00:00:00+00:00Copyright (c) 2025 Journal of Advanced Research in Electronics Engineering and Technologyhttp://www.thejournalshouse.com/index.php/electronics-engg-technology-adr/article/view/1634Technostress in Cybersecurity: Evaluating Its Effects on Professional Performance and Organisational Security2025-08-19T09:12:35+00:00Jayan Kopparethu Gopinadhan Pillaijayankg@gmail.com<p>Cybersecurity professionals operate in a high-stakes environment, constantly adapting to evolving threats and managing complex technologies. This intense workload often leads to technostress—the mental and emotional strain caused by excessive technological demands. This study explores how technostress affects cybersecurity professionals, particularly its impact on job performance, decision-making, and organisational security. Through surveys and interviews, the research highlights how stress leads to slower responses, increased errors, and a higher risk of security breaches. Many professionals experience burnout, and with cybersecurity talent in short supply, organisations face additional challenges in maintaining strong security defences. The findings emphasise the urgent need for companies to address technostress by implementing work-life balance initiatives, automation tools, and stress management programs. 
By doing so, they can create a healthier work environment while also strengthening their overall security posture.</p>2025-08-19T00:00:00+00:00Copyright (c) 2025 Journal of Advanced Research in Electronics Engineering and Technologyhttp://www.thejournalshouse.com/index.php/electronics-engg-technology-adr/article/view/1636The Shadow of FUD: Examining Fear, Uncertainty, and Doubt in the Cybersecurity Landscape2025-08-19T05:15:16+00:00Love Vishwakarmalov3vish@gmail.com<p>The paper examines the use of Fear, Uncertainty, and Doubt (FUD) as a psychological tactic in the cybersecurity landscape. It explores the anatomy of FUD, detailing how it amplifies uncertainty, generates fear, and sows doubt, exploiting inherent anxieties and knowledge gaps. The mechanisms of FUD deployment, including technical jargon, exaggerated threat assessments, and social engineering, are analysed. The paper investigates the impact of FUD on individuals and organisations, such as irrational decision-making, overspending on security, and erosion of trust. Ethical considerations surrounding the use of FUD, including manipulation, misinformation, and exploitation of fear, are discussed. Finally, strategies to counter FUD, such as cultivating critical thinking, seeking reliable information, and promoting transparency, are proposed to foster informed security and a resilient digital environment.</p>2025-08-19T00:00:00+00:00Copyright (c) 2025 Journal of Advanced Research in Electronics Engineering and Technologyhttp://www.thejournalshouse.com/index.php/electronics-engg-technology-adr/article/view/1638Enforcing Mobile Application Blocking in India: A Technological Analysis2025-08-19T05:41:02+00:00Pankaj Sachdevapankaj.sachdeva@meity.gov.inRavi Krishan Meenapankaj.sachdeva@meity.gov.in<p>The Government of India has initiated several measures to safeguard digital sovereignty, one of the most notable being the blocking of mobile applications considered prejudicial to national security. 
While the policy declarations are swift and assertive, enforcement remains a grey area plagued by technological loopholes and regulatory challenges. This paper explores the enforcement process of mobile application bans in India, analyses the inefficiencies in its current structure, and proposes a comprehensive set of recommendations for strengthening the enforcement mechanism. Emphasis is also placed on the role of mobile OS providers, the circumvention techniques used by users, and the lack of real-time monitoring tools for compliance. The paper suggests a multipronged approach integrating law, technology, and awareness to make the ban process more effective and secure.</p>2025-08-19T00:00:00+00:00Copyright (c) 2025 Journal of Advanced Research in Electronics Engineering and Technologyhttp://www.thejournalshouse.com/index.php/electronics-engg-technology-adr/article/view/1366Secure AI adoption framework for a multi-tenant SaaS Product Companies2025-08-18T14:40:38+00:00Santosh Chacharsantoshchachar@gmail.com<p>Software as a service (SaaS) has become popular in the last decade due to its cost-efficiency, scalability, and convenience. It eliminates the need for businesses to invest in on-premises infrastructure by offering cloud-hosted, subscription-based solutions. Artificial Intelligence (AI)’s influence on Software as a Service (SaaS) product development has grown rapidly in the last five years. SaaS solutions leverage artificial intelligence to furnish personalised services, augment functionality, and enhance performance, promising an enriched user experience grounded in intelligent data-driven decisions. However, the multi-tenant architecture of SaaS platforms introduces unique challenges, particularly in ensuring security, tenant data privacy, and compliance. This paper introduces a Secure AI Adoption Framework designed to guide multi-tenant SaaS product organisations through the systematic, secure, and ethical implementation of AI capabilities. 
The proposed framework addresses critical aspects of AI adoption, including readiness assessment, AI solution design, secure deployment, and continuous monitoring, while prioritising tenant data protection and regulatory compliance. By analysing current practices and identifying gaps, this review develops a structured roadmap that balances technical feasibility with organisational goals. Through an extensive literature review, case studies, and expert analysis, this study provides a practical and scalable framework to empower SaaS organisations in leveraging AI responsibly and securely.</p>2025-08-18T00:00:00+00:00Copyright (c) 2025 Journal of Advanced Research in Electronics Engineering and Technologyhttp://www.thejournalshouse.com/index.php/electronics-engg-technology-adr/article/view/1637Cybersecurity in Healthcare: How Regulation Is the Key to Pushing Cyber Resilience2025-09-20T06:15:48+00:00Jason Josephjasonjoseph5@gmail.com<p>The digitization of healthcare systems has transformed global healthcare delivery, improving accessibility, diagnostics, and real-time treatment. However, these digital advancements come with significant cybersecurity risks. From legacy HIS systems and cloud-based infrastructure to wearable IoMT and AI-powered diagnostics, every digital touchpoint introduces a potential attack surface. Cyberattacks targeting healthcare can have devastating consequences, ranging from loss of sensitive personal and genomic data to disruption of emergency medical services and national security risks. This review examines how regulation plays a pivotal role in mitigating such risks by enforcing cyber resilience. 
Drawing from Indian and international case studies, this paper argues that only through a robust, enforceable, and forward-looking regulatory framework—one that includes cyber-bio convergence, threat-sharing mechanisms, and post-quantum preparedness—can healthcare systems evolve into digitally secure ecosystems that protect both patients and infrastructure.</p>2025-08-19T00:00:00+00:00Copyright (c) 2025 Journal of Advanced Research in Electronics Engineering and Technologyhttp://www.thejournalshouse.com/index.php/electronics-engg-technology-adr/article/view/1622Decoding Ransomware: Crafting a Comprehensive Taxonomy and Actionable Insights for Risk Mitigation2025-08-18T10:29:15+00:00Swati Goyalswati.goyal@meity.gov.inHimanshi nshiswati.goyal@meity.gov.in<p>This research addresses the critical gap in understanding and classifying ransomware by developing a comprehensive system that aligns with the evolving and complex landscape of ransomware threats. The research highlights the limitations of existing classification models, emphasising the need for a standardised framework that categorises ransomware based on its infection methods, propagation mechanisms, and sector-specific impact. By analysing extensive data from diverse ransomware families, this study identifies patterns and trends that inform the creation of a more effective classification system. The findings reveal that industries with high-value data, such as finance, manufacturing, critical infrastructure, and healthcare, face significant ransomware risks, leading to financial losses, operational disruptions, and regulatory challenges. This study provides organisations across sectors with critical insights to enhance their risk management and mitigation strategies. Beyond cybersecurity, the research underscores the need for stronger resilience measures, contributing to a broader discourse on digital security and operational continuity in an increasingly interconnected world. 
Ultimately, this classification framework serves as a valuable resource for policymakers, security professionals, and industry leaders, strengthening cybersecurity defences and response strategies against the growing ransomware threat.</p>2025-08-18T00:00:00+00:00Copyright (c) 2025 Journal of Advanced Research in Electronics Engineering and Technologyhttp://www.thejournalshouse.com/index.php/electronics-engg-technology-adr/article/view/1370Ransomware Evolution: Techniques, Countermeasures, and Legal Implications2025-08-19T08:34:33+00:00Pankaj Kautik Patilpankajkautikpatil@gmail.com<p>Ransomware has become one of the most significant cybersecurity threats of the modern digital age, evolving in complexity and scale over time. This document provides a comprehensive analysis of ransomware, beginning with its background and a review of existing literature to understand its origins and early objectives. It evaluates early ransomware attacks and key milestones that have shaped its evolution. The study further explores modern ransomware tactics, including double extortion, Ransomware-as-a-Service (RaaS), and the targeting of critical infrastructure. It delves into the role of cryptocurrency in facilitating anonymous ransom payments and examines sophisticated delivery mechanisms used by attackers. The broader impacts of ransomware, encompassing financial, operational, and reputational damages, are assessed, highlighting the urgency for effective countermeasures. Various mitigation strategies are analysed, along with the challenges faced in their implementation. Legal implications of ransomware attacks are also discussed, emphasizing the need for stronger regulatory frameworks and international collaboration. 
The document concludes by exploring future trends in ransomware and offers actionable recommendations to strengthen defences against this evolving threat.</p>2025-08-18T00:00:00+00:00Copyright (c) 2025 Journal of Advanced Research in Electronics Engineering and Technologyhttp://www.thejournalshouse.com/index.php/electronics-engg-technology-adr/article/view/1623Augmented Reality (AR): Cybersecurity Risks in Military Applications2025-08-18T10:45:44+00:00Rajesh Gopalgopal.rajesh@hotmail.com<p>This research looks into cybersecurity pitfalls that come with using Augmented Reality (AR) in military settings, zeroing in on weaknesses adversaries might exploit. Drawing on a mix of qualitative data — from cybersecurity assessments in the military and chats with experts to case studies on AR systems in defence — it ends up uncovering some pretty critical security gaps and threat paths that seem unique to AR. The findings suggest that, while AR can offer a clear operational edge, it also brings along serious issues relating to data integrity, real-time navigational blips, and overall system hardiness when under attack. In most cases, there's a pressing need to put together strict cybersecurity measures that are designed specifically for AR platforms in such military environments. The broader importance of these insights stretches well beyond the battlefield, hinting at an urgent call for better cybersecurity practices across other defence-related tech and even in areas like healthcare, where AR is increasingly used for training simulations and patient care. At times, the results also point to the value of a closer working relationship between cyber specialists and military strategists, aiming to create robust frameworks that help shield key information systems from new threats. 
All in all, this study adds to the ongoing conversation about how technology and security intersect in military contexts, generally speaking, urging a more proactive approach in the face of rapid technological change.</p>2025-08-18T00:00:00+00:00Copyright (c) 2025 Journal of Advanced Research in Electronics Engineering and Technologyhttp://www.thejournalshouse.com/index.php/electronics-engg-technology-adr/article/view/1624Cyber Diplomacy Framework for India: Lessons from Global Strategies and a Roadmap for the Future2025-08-18T11:46:22+00:00Samrat Kishorsamratkishor.work@proton.me<p>In an era where cyber threats are increasingly shaping international relations, cyber diplomacy has become a critical component of national security and foreign policy. This research paper explores the cyber diplomacy frameworks adopted by developed nations, including the United States, the European Union, and Australia, to understand their key components, strategic priorities, and operational mechanisms. It then examines India’s current approach to cyber diplomacy, identifying gaps and opportunities for enhancement. Through a comparative analysis, the paper proposes a structured cyber diplomacy framework tailored for India, integrating elements of international cooperation, capacity building, legal frameworks, and public-private partnerships. The study underscores the necessity of a proactive and multilateral approach to safeguard national cyber interests while fostering global digital trust and stability. 
The results provide policy recommendations that can guide India in formulating a robust and adaptive cyber diplomacy strategy.</p>2025-08-18T00:00:00+00:00Copyright (c) 2025 Journal of Advanced Research in Electronics Engineering and Technologyhttp://www.thejournalshouse.com/index.php/electronics-engg-technology-adr/article/view/1358Development of an Intrusion Detection System (IDS) using Machine Learning Algorithms2025-08-18T11:50:01+00:00Dilip Khanolkarkhanolkardilip@gmail.com<p>As cyber threats evolve, traditional Intrusion Detection Systems face significant problems such as high false positives, inability to detect new attack signatures, and poor scalability. This paper aims to mitigate these limitations by implementing an IDS based on machine learning techniques to improve the detection capability, flexibility, and effectiveness. Exploiting the realistic and diverse CICIDS 2017 dataset that is quite famous for its realistic and complex attack scenarios, the study does an excellent job of including several enhanced preprocessing techniques to have the best feature selection techniques and, hence, the best data quality. First, an experimental comparison of Support Vector Machines (SVMs), Random Forests (RFs), and neural networks’ performance in detecting threatening activities is made to choose the most suitable machine-learning approaches. The quantitative performance of each model is compared and assessed using model accuracy, precision, recall, the F1-score, and the ROC-AUC curve. This research illustrates how machine learning can solve cybersecurity problems by presenting an adaptive algorithm that can disregard emerging threats. 
The observations benefit the ongoing enhancement of IDS and provide an understanding of deploying efficient and progressive solutions in live networks.</p>2025-05-03T00:00:00+00:00Copyright (c) 2025 Journal of Advanced Research in Electronics Engineering and Technologyhttp://www.thejournalshouse.com/index.php/electronics-engg-technology-adr/article/view/1372Cybersecurity Awareness and Social Media Reach: Analyzing the Effectiveness of Awareness Content Distribution2025-08-18T11:48:18+00:00Mohamed Ismail Eyoucanreachme@live.in<p>In today’s digital age, numerous social media platforms exist, yet cybersecurity awareness content posted by government or private organisations often fails to reach a broad audience for various reasons. This project aims to bridge that gap by creating 30 cybercrime awareness videos, each ranging from 2 to 15 minutes in length, and posting them on Facebook, Instagram, and YouTube. Over a period of two weeks or more, we will monitor and assess the reach and engagement of these videos. By documenting the reasons behind their reachability, we can identify key factors that either enhance or inhibit the dissemination of this crucial information. This analysis will enable us to refine our content and format, ensuring that our cybersecurity awareness messages effectively reach and educate the maximum number of people.</p>2025-08-18T00:00:00+00:00Copyright (c) 2025 Journal of Advanced Research in Electronics Engineering and Technologyhttp://www.thejournalshouse.com/index.php/electronics-engg-technology-adr/article/view/1626Optimizing of Multi-Layer Perceptron for Detecting PDF Malware: A study in Machine Learning2025-08-18T15:29:32+00:00Bertrand Lawrence R Rodriguesbertrandlr@yahoo.com<p>In this thesis, we demonstrate that multi-layer perceptrons (MLPs) are a promising approach for detecting PDF-based malware. Malware in the form of PDF files is becoming increasingly prevalent, making it crucial to develop effective detection methods. 
Traditional methods for detecting malware, such as signature-based detection, are becoming less effective as attackers can easily evade them by modifying the malicious code. To train our MLP, we first collected a large dataset of both benign and malicious PDFs. The dataset was pre-processed to extract relevant features, such as the presence of certain keywords and the structure of the PDF file. In total we used 37 static representative features. We used a combination of supervised learning techniques to train the MLP on this dataset. The trained model was then evaluated on a separate test dataset and was shown to have high accuracy of about 96% in detecting PDF-based malware. We also investigated the effect of different feature selection methods and the impact of network architecture on the performance of the model. The results demonstrate that using MLPs for detecting PDF-based malware is an effective approach and can achieve high accuracy. Moreover, we also proposed an approach to increase the robustness of the model by using adversarial machine learning techniques to improve the model’s ability to detect novel and evasive malware. In conclusion, this thesis presents a novel approach for training MLPs to detect PDF-based malware, and the results demonstrate the effectiveness of this approach. 
The proposed approach could be used to improve the security of systems that handle PDF files and provide a new tool for the security community to fight against PDF-based malware.</p>2025-08-18T00:00:00+00:00Copyright (c) 2025 Journal of Advanced Research in Electronics Engineering and Technologyhttp://www.thejournalshouse.com/index.php/electronics-engg-technology-adr/article/view/1406Revolutionising Security Operations in the BFSI Sector with XDR Technology2025-08-18T11:52:44+00:00Fahad Rehmanfahad.vrehman@outlook.com<p>This research intends to examine the effectiveness of Extended Detection and Response (XDR) technology in altering Security Operations Centres (SOCs) within the Banking, Financial Services, and Insurance (BFSI) sector. The study addresses the rising issue of increasing cyber threats, which require a more integrated and flexible approach to security. By analysing the current state of cybersecurity in the BFSI sector, it will be necessary to pinpoint both the weaknesses in existing systems and the specific areas where XDR can provide significant enhancements. To address this issue correctly, data on response times to incidents, rates of threat detection, and system performance post-XDR implementation is needed. Additionally, the context provided by feedback from industry experts on operational advancements and challenges is essential, as it enables a more comprehensive comprehension of the manner in which XDR is integrated into the broader cybersecurity strategies of the BFSI sector. This paper implements a mixed-method approach that integrates secondary data collection methodologies. This research study analyses how Extended Detection and Response (XDR) technology improves security operations in the Banking, Financial Services, and Insurance (BFSI) business as cyber threats increase and traditional security solutions become ineffective. 
The study employs a mixed-methods approach with secondary data collection, gathering numerical data on incident response times and financial impacts, along with qualitative insights from industry reports and previous case studies highlighting customer success stories shared by cybersecurity experts. The findings show that organisations using XDR technologies saw a notable drop in response times and a significant reduction in the financial and operational damages of breaches compared to traditional security setups. These findings illustrate XDR’s game-changing capacity to improve situational awareness, streamline incident responses, and strengthen overall cybersecurity in the BFSI industry. The significance of this research extends beyond financial organisations, providing a vital foundation for understanding the changing nature of cyber dangers important to any industry dealing with sensitive data. Furthermore, the effects of adopting XDR technology are seen in the broader cybersecurity area, serving as a roadmap for enterprises wishing to upgrade their security procedures in a more complex threat scenario.</p>
2025-08-18T00:00:00+00:00
Copyright (c) 2025 Journal of Advanced Research in Electronics Engineering and Technology
http://www.thejournalshouse.com/index.php/electronics-engg-technology-adr/article/view/1639
Long Short-Term Memory Network (LSTM) based Phishing Detection Model for E-Mail and SMS with or without URL
2025-08-19T05:42:19+00:00
Murali Dharmalingam
muralicsec@gmail.com
<p>Phishing is a common tool used by cybercriminals to gain access to systems and to exploit confidential information. The most common exploitation method is the use of phishing emails. Many phishing detection systems utilise machine learning techniques and blacklists. Phishing emails play an important role in phishing detection based on their email characteristics, namely URLs and phishing content.
In this study, a Long Short-Term Memory (LSTM) neural network-based e-mail and SMS phishing detection model using phishing lexicons is proposed. The proposed method consists of five modules: URL filtering, initial labelling, adaptive lexicon formation, dataset labelling and classification using LSTM. The URL filtering involves three steps: index appending, URL filtering from email, and URL filtering from SMS. In index appending, e-mail and SMS datasets are added with the index. The URLs are identified using occurrence protocol, subdomain, root domain and TLD and filtered to form a URL dataset based on their respective index. The emails and SMS with URLs were labeled as phishing or legitimate by a stacking classifier. Adaptive lexicon formation is used to label the e-mails and SMS without URLs, and their contents are preprocessed and tokenised. The tokens were lemmatised to remove words with the same meaning to reduce ambiguity. Dataset labelling was performed by the K-means clustering algorithm using the Levenshtein distance vector. The Levenshtein distance between tokens with email and SMS content was recorded as vectors. The contents of the emails and SMS are clustered and labeled as phishing and legitimate. The LSTM classifier effectively classified phishing and legitimate email and SMS. Datasets for emails and SMS were taken from the Kaggle repository. The performance of the proposed model was evaluated using the accuracy and loss function.
The proposed LSTM neural network-based e-mail and SMS phishing detection model achieved an accuracy of 97%.</p>
2025-08-19T00:00:00+00:00
Copyright (c) 2025 Journal of Advanced Research in Electronics Engineering and Technology
http://www.thejournalshouse.com/index.php/electronics-engg-technology-adr/article/view/1621
GridVigil: Tri-securing Critical Infrastructure of energy transmission systems through People, Process and Technology
2025-09-19T07:23:11+00:00
Hardik Gadhvi
hardikgadhvi@rmgridtech.com
Ranmuktey Grid
hardikgadhvi@rmgridtech.com
<p>The increasing digitisation of India’s power transmission sector—driven by the integration of SCADA systems, digital substations, and wide-area monitoring—has introduced new vulnerabilities in the critical infrastructure landscape. As threats evolve in complexity and frequency, ensuring cyber resilience has become a strategic imperative. This research evaluates the cybersecurity posture of India’s transmission utilities using the People–Process–Technology (PPT) framework. Drawing on regulatory mandates, case studies, and national and international standards (CEA Guidelines, IEC 62443, NIST SP 800-82), the study identifies significant implementation gaps across organisational capacity, operational governance, and technological deployment. Key findings reveal that utilities with dedicated OT-trained personnel, well-documented response procedures, and active SOC infrastructure demonstrate markedly better threat readiness and response metrics. The paper recommends targeted interventions, including mandatory certifications, red-team simulations, CEA guidelines-compliant procurement, and centralised threat intelligence sharing.
The study concludes that cybersecurity in India’s power grid must evolve from a compliance exercise to a performance-driven paradigm, where harmonised policy enforcement, skilled human capital, and resilient architecture collectively safeguard national energy security.</p>
2025-08-18T00:00:00+00:00
Copyright (c) 2025 Journal of Advanced Research in Electronics Engineering and Technology
http://www.thejournalshouse.com/index.php/electronics-engg-technology-adr/article/view/1355
Combating Advanced Persistent Threats (APTS) in Critical Infrastructure
2025-09-20T06:08:05+00:00
Karthik Varadharajan
Vksuccess777@outlook.com
<p><strong>This report focuses on Advanced Persistent Threats (APTs) as one of the most serious and complex cybersecurity challenges facing critical infrastructure in the modern age of globalisation and digital networking. APTs are sophisticated, stealthy, and long-term cyberattacks often carried out by state-sponsored actors, organized cybercriminals, or hacktivist groups. These threats are designed to infiltrate systems, remain undetected for extended periods, and extract valuable information or disrupt operations. The sectors most targeted include energy, healthcare, water, transport, finance, and telecommunications, all of which are vital to national security, public safety, and economic stability. APTs are dangerous because they exploit vulnerabilities not only in technology but also in people and supply chains. The report identifies that modern APTs have evolved from traditional signature-based attacks to using advanced tools like artificial intelligence (AI) and machine learning (ML) to enhance evasion and precision. As such, traditional security measures are often insufficient. The report highlights the need for a multi-layered security approach grounded in prevention, detection, and response.
Key strategies include adopting a Zero Trust security model, enhancing threat detection using AI/ML, increasing cybersecurity awareness among employees, sharing threat intelligence, and fostering cooperation between nations and private sectors. This report serves as a strategic guide for policymakers, cybersecurity professionals, and organizational leaders, emphasizing the urgency of strengthening defenses against APTs. Effective APT management requires constant vigilance, coordinated action, and advanced technological integration to ensure the protection of critical assets in an increasingly connected world.</strong></p>
2025-08-18T00:00:00+00:00
Copyright (c) 2025 Journal of Advanced Research in Electronics Engineering and Technology
http://www.thejournalshouse.com/index.php/electronics-engg-technology-adr/article/view/1640
Enhancing District Police Cyber Cell Responses to Cyber Fraud: Challenges, Strategies, and Best Practices
2025-09-20T06:23:08+00:00
Dharmendra Singh
dharmendra.itbhu@gmail.com
<p>Cyber fraud has emerged as a significant challenge in India’s rapidly digitizing economy, necessitating robust mechanisms for prevention, detection, and resolution. This study examines the role of digital portals, public awareness programs, and dedicated cyber police stations in enhancing district-level responses to cyber fraud, with Bhilwara District, Rajasthan, serving as a case study. By leveraging data from portals such as Pratibimb, CEIR, JMIS, and NCRP, along with outcomes from local interventions, the research highlights key trends in complaint registration, financial recovery, and public engagement. Findings reveal a substantial increase in cybercrime reporting and the effectiveness of specialized tools in blocking stolen assets, freezing fraudulent accounts, and facilitating inter-state coordination.
Public awareness programs have significantly contributed to these outcomes by fostering greater public participation and understanding of cybercrime reporting mechanisms. However, challenges such as resource constraints, declining recovery percentages, and regional disparities in complaint volumes persist. This paper identifies best practices, including the strategic deployment of digital tools and focused awareness campaigns, and proposes recommendations to optimize district-level responses. The study concludes by highlighting the need for enhanced resource allocation, advanced technological integration, and expanded public-private collaboration to address the evolving threat of cyber fraud effectively.</p>
2025-08-19T00:00:00+00:00
Copyright (c) 2025 Journal of Advanced Research in Electronics Engineering and Technology
http://www.thejournalshouse.com/index.php/electronics-engg-technology-adr/article/view/1453
Leveraging Heuristic Approaches to Optimize Lattice-Based Homomorphic Encryption via Approximate Shortest Vector Problem Solutions
2025-10-10T09:38:15+00:00
Lisa Biswas
biswas.lisa11@gmail.com
<p>Lattice-based cryptography is becoming a key part of secure communication that can protect information even from powerful quantum computers, especially when it comes to fully homomorphic encryption, which allows data to be processed without being decrypted. This paper tries to explore the application of heuristic methods to approximate solutions to the Approximate Shortest Vector Problem (Approx-SVP), which could help improve the speed of certain secure encryption systems that rely on lattice-based cryptography. Given the computational intensity of Approx-SVP, the study aims to develop tailored heuristic techniques that improve efficiency. This paper focuses on simulation experiments and theoretical analyses to evaluate performance metrics.
The inference from the findings indicates significant improvements which pave the way for exploring how optimizations might affect the security considerations of lattice-based cryptography in practical cryptographic systems.</p>
2025-05-03T00:00:00+00:00
Copyright (c) 2025 Journal of Advanced Research in Electronics Engineering and Technology