wordpress blog stats
Connect with us

Hi, what are you looking for?

IT Ministry reveals over 6 lakh cybersecurity incidents in first half of 2021, no comment on if critical infrastructure was targetted

Cybersecurity incidents in India have reportedly spiked due to pandemic-driven practices of working remotely. 

In response to a parliamentary question, the Ministry of Electronics and Information Technology (MeitY) revealed that the Indian Computer Emergency Response Team (CERT-In) observed a total of 6,07,220 cybersecurity incidents in the first half of 2021.

In response to a different question on “whether there have been attempts of cyber attacks on critical infrastructure of the country,” MeitY did not provide any specific answer.

Why it matters? Cyber-attacks have been on the rise for the last few years, especially during the pandemic, and is costing victims huge amounts of money. The figures revealed by CERT-In are a good indicator of the overall cybersecurity situation of the country, and as it stands, the situation is not good. As for attacks on critical infrastructure, the government is not disclosing any details, but multiple security companies have claimed that India’s critical infrastructure was targetted by hackers in recent months.

Number of incidents continue to rise

Last year, CERT-In tracked 11,58,208 cybersecurity incidents. The number from January to June this year is on track to beat last year’s number, which was in itself a sharp rise from the 3,94,499 incidents that were tracked in 2019.

Advertisement. Scroll to continue reading.

In April this year, Sophos, a British IT security company reported that about 52% of Indian companies fell victim to a successful cyber attack in the last 12 months. The report says that migration to work-from-home owing to the COVID-19 pandemic posed additional challenges to companies’ cybersecurity capabilities.

Was critical infrastructure targetted?

Although the IT Ministry did not answer this question, earlier this month, researchers at Seqrite claimed that they found sophisticated phishing attempts targeting Indian critical infrastructure PSUs across sectors of finance, power, and telecom by a Pakistan-linked group. The report by Seqrite also said that the attacks were targeted to get access to sensitive information “including screenshots, keystrokes, & files from the affected system”.

In May, Air India (AI), the government’s erstwhile jewel in the sky, reported a massive data breach that compromised the personal details and information of 4.5 million customers. It is one of the most significant data breaches in recent history given that customer information stored for nearly a decade was compromised.

In March, cyber intelligence firm Cyfirma claimed that a Chinese state-backed hacking group had targeted the IT systems of Indian vaccine makers Bharat Biotech and Serum Institute of India.

In February, Recorded Future, an American company that studies the use of the internet by state actors, uncovered a Chinese state-sponsored cyberattack that was targeting India’s electricity grid and power distribution systems. According to Recorded Future, Red Echo, the organisation behind the attack, deployed malware known as ShadowPad. The attack was linked to the unexpected power outage that hit Mumbai in October 2020, but the government denied any connection.

India’s pending cybersecurity policy

India currently abides by the Cybersecurity Policy 2013, although a new cybersecurity policy has been in the works since 2019 and is expected to be released by October this year, according to Lt Gen. (Dr) Rajesh Pant, the National Cyber Security Coordinator. According to reports, the new policy would tackle all aspects of cyberspace including governance or data as a national resource, building indigenous capabilities, and cyber audit.

Advertisement. Scroll to continue reading.

Also Read

Written By

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



Looking at the definition of health data, it is difficult to verify whether health IDs are covered by the Bill.


The accession to the Convention brings many advantages, but it could complicate the Brazilian stance at the BRICS and UN levels.


In light of the state's emerging digital healthcare apparatus, how does Clause 12 alter the consent and purpose limitation model?


The collective implication of leaving out ‘proportionality’ from Clause 12 is to provide very wide discretionary powers to the state.


The latest draft is also problematic for companies or service providers that have nothing to with children's data.

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ