Cybersecurity incidents in India have reportedly spiked due to pandemic-driven practices of working remotely.
In response to a parliamentary question, the Ministry of Electronics and Information Technology (MeitY) revealed that the Indian Computer Emergency Response Team (CERT-In) observed a total of 6,07,220 cybersecurity incidents in the first half of 2021.
In response to a different question on “whether there have been attempts of cyber attacks on critical infrastructure of the country,” MeitY did not provide any specific answer.
Why it matters? Cyber-attacks have been on the rise for the last few years, especially during the pandemic, and is costing victims huge amounts of money. The figures revealed by CERT-In are a good indicator of the overall cybersecurity situation of the country, and as it stands, the situation is not good. As for attacks on critical infrastructure, the government is not disclosing any details, but multiple security companies have claimed that India’s critical infrastructure was targetted by hackers in recent months.
Number of incidents continue to rise
Last year, CERT-In tracked 11,58,208 cybersecurity incidents. The number from January to June this year is on track to beat last year’s number, which was in itself a sharp rise from the 3,94,499 incidents that were tracked in 2019.
In April this year, Sophos, a British IT security company reported that about 52% of Indian companies fell victim to a successful cyber attack in the last 12 months. The report says that migration to work-from-home owing to the COVID-19 pandemic posed additional challenges to companies’ cybersecurity capabilities.
Was critical infrastructure targetted?
Although the IT Ministry did not answer this question, earlier this month, researchers at Seqrite claimed that they found sophisticated phishing attempts targeting Indian critical infrastructure PSUs across sectors of finance, power, and telecom by a Pakistan-linked group. The report by Seqrite also said that the attacks were targeted to get access to sensitive information “including screenshots, keystrokes, & files from the affected system”.
In May, Air India (AI), the government’s erstwhile jewel in the sky, reported a massive data breach that compromised the personal details and information of 4.5 million customers. It is one of the most significant data breaches in recent history given that customer information stored for nearly a decade was compromised.
In March, cyber intelligence firm Cyfirma claimed that a Chinese state-backed hacking group had targeted the IT systems of Indian vaccine makers Bharat Biotech and Serum Institute of India.
In February, Recorded Future, an American company that studies the use of the internet by state actors, uncovered a Chinese state-sponsored cyberattack that was targeting India’s electricity grid and power distribution systems. According to Recorded Future, Red Echo, the organisation behind the attack, deployed malware known as ShadowPad. The attack was linked to the unexpected power outage that hit Mumbai in October 2020, but the government denied any connection.
India’s pending cybersecurity policy
India currently abides by the Cybersecurity Policy 2013, although a new cybersecurity policy has been in the works since 2019 and is expected to be released by October this year, according to Lt Gen. (Dr) Rajesh Pant, the National Cyber Security Coordinator. According to reports, the new policy would tackle all aspects of cyberspace including governance or data as a national resource, building indigenous capabilities, and cyber audit.
- Government Officials Targeted By Malicious Web Link Seeking Vaccination Status: Report
- National Cyber Security Strategy Will Have Framework For Cyber Insurance’: Rajesh Pant
- 2020 was a good year for cyber criminals, a bad one for financial and payments security
- Cyber Attacks On Critical Infrastructure Increased During Pandemic: Ajit Doval