General Studies 2021 GS Paper III 10 marks 150 words Compulsory Analyse

Q10

Keeping in view India's internal security, analyse the impact of cross-border cyber attacks. Also discuss defensive measures against these sophisticated attacks. (Answer in 150 words)

हिंदी में प्रश्न पढ़ें

भारत की आंतरिक सुरक्षा को ध्यान में रखते हुए, सीमा-पार से होने वाले साइबर हमलों के प्रभाव का विश्लेषण कीजिए। साथ ही, इन परिष्कृत हमलों के विरुद्ध रक्षात्मक उपायों की चर्चा कीजिए। (150 शब्दों में उत्तर दीजिए)

Evaluate your answer to this question → See all 2021 General Studies questions

Directive word: Analyse

This question asks you to analyse. The directive word signals the depth of analysis expected, the structure of your answer, and the weight of evidence you must bring.

See our UPSC directive words guide for a full breakdown of how to respond to each command word.

How this answer will be evaluated

Approach

The directive 'analyse' requires breaking down the impact of cross-border cyber attacks on India's internal security into constituent elements, followed by a discussion of defensive measures. Structure as: brief introduction defining cross-border cyber threats → analytical body covering impacts (critical infrastructure, economic, strategic) → defensive measures (technical, institutional, legal, international) → forward-looking conclusion with India's cyber posture.

Key points expected

Impact on critical infrastructure: power grids (Mumbai 2020 blackout), nuclear facilities, financial systems
Economic and data security implications: ransomware attacks on Indian corporations, IP theft, loss of business confidence
National security and strategic dimensions: cyber espionage by state/non-state actors, links to terrorism, election manipulation
Defensive measures: CERT-In, National Cyber Security Strategy, Information Technology Act amendments, air-gapping critical systems
International cooperation: need for cyber treaties, bilateral agreements, role of UN GGE on cyber norms
Indigenous capacity building: National Critical Information Infrastructure Protection Centre, cyber deterrence doctrine

Evaluation rubric

Dimension	Weight	Max marks	Excellent	Average	Poor
Demand-directive understanding	20%	2	Clearly distinguishes between 'analyse' (breaking down impacts systematically) and 'discuss' (examining defensive measures); maintains analytical depth rather than descriptive listing throughout	Addresses both parts but treats 'analyse' descriptively; some conflation between impact analysis and defensive discussion	Misreads directive as purely descriptive; fails to analytically decompose impacts or conflates both demands into generic narrative
Content depth & accuracy	20%	2	Covers multi-dimensional impacts (infrastructure, economic, strategic, sovereignty) with accurate technical terms (APT groups, zero-day, air-gapping); defensive measures span prevention, detection, response, recovery	Mentions 2-3 impact areas and defensive measures but lacks specificity; generic references to 'firewalls' and 'cyber security' without institutional/technical depth	Superficial treatment with factual errors; conflates cyber crime with cyber warfare; omits critical infrastructure or state-sponsored attack dimensions
Structure & flow	20%	2	Tight 150-word discipline with clear analytical progression: definition → layered impact analysis → graduated defensive response → conclusion; seamless transition between 'analyse' and 'discuss' segments	Recognisable structure but uneven weightage; either impacts or defensive measures disproportionately covered; some abrupt transitions	Disorganised or lopsided structure; word limit exceeded or significantly underutilised; no clear demarcation between analytical and discussion components
Examples / case-law / data	20%	2	Specific Indian instances: Mumbai power grid attack (2020) linked to Chinese threat actors, Kudankulam nuclear plant malware (2019), Cosmos Bank heist (2018); cites CERT-In reports or National Cyber Security Policy 2013	Generic reference to 'power grid attacks' or 'banking frauds' without naming incidents; or only international examples (WannaCry) without Indian context	No concrete examples; hypothetical scenarios; irrelevant case law (IT Act sections without application); factual errors in cited incidents
Conclusion & analytical edge	20%	2	Forward-looking synthesis: need for cyber deterrence doctrine, offensive cyber capabilities, or India's stance on cyber sovereignty; recognises gap between defensive measures and implementation	Summary restatement of points without synthesis; generic call for 'strengthening cyber security' without specific policy direction	Missing or abrupt conclusion; purely descriptive ending; no recognition of strategic dilemmas (privacy vs security, sovereignty vs global internet governance)

Practice this exact question

Write your answer, then get a detailed evaluation from our AI trained on UPSC's answer-writing standards. Free first evaluation — no signup needed to start.

Evaluate my answer →