wordpress blog stats
Connect with us

Hi, what are you looking for?

More cybersecurity incidents reported till October this year than whole of 2020: MeitY reveals in Rajya Sabha

The figures revealed by CERT-In are a good indicator of the overall cybersecurity situation of the country, and as it stands, the situation looks grim.

A total of 12,13,784 cybersecurity incidents were reported to CERT-In up till October this year, according to a response by the Minister of State for Information Technology Rajeev Chandrasekhar. Rajya Sabha MP Shreyams Kumar asked the question during the ongoing winter session of the Parliament. The data on cybersecurity incidents for 2021 without the last two months is still higher than the total number of cases—11,58,208—in 2020.

Government organisations were the target in 32,736 incidents up till October 2021, whereas the figure stood at 54,314 last year. The Ministry of Electronics and Information Technology (MeitY) did not reveal whether critical infrastructure was a target in these incidents.

What is CERT-In? Indian Computer Emergency Response Team is responsible for tracking and monitoring cybersecurity incidents in India.

Why it matters: The figures revealed by CERT-In are a good indicator of the overall cybersecurity situation of the country, and as it stands, the situation looks grim with 2021 on track to be the biggest year in terms of cybersecurity incidents reported in India.

How much is India spending on cybersecurity?

The MeitY had revealed in response to a parliamentary question that it allocated Rs. 416 crore this year toward strengthening India’s cybersecurity. The answer was a response to questions posed by BJP Lok Sabha MPs Arjun Lal Meena and Sunil Kumar Singh during the monsoon session of the Parliament this year.

Advertisement. Scroll to continue reading.

The stipulated amount constitutes nearly four percent of the total budget allocation of the ministry. However, it is more than Rs. 310 crore allocated in the financial year 2020-21 and Rs.162 crore in 2019-20.

India’s pending cybersecurity policy

The Ministry of Defence had informed the lower house of the Parliament in August that the government was in the final stages of approving the National Cyber Security Strategy that has been in the pipeline since 2019.

The new policy will cover several aspects of cyberspace including:

  • Governance and data as a national resource
  • Building indigenous capabilities
  • Cyber audit
  • Drones
  • Decentralisation of cybersecurity responsibilities
  • Cyber insurance
  • Internet of Things
  • Ransomware

Currently, India adheres to the National Cyber Security Policy 2013 but the policy is considered to be outdated given the pace of change that has taken place in cyberspace over the last eight years.

Full text of the question and answer

Will the Minister of ELECTRONICS AND INFORMATION TECHNOLOGY be pleased to state:-

(a) whether the Ministry has noted certain cyberattacks in the country on organisations including
Government and Non-Government organisations;
(b) if so, the details thereof including conspiracy involved; and
(c) the steps taken to avoid such attacks in future?

ANSWER

MINISTER OF STATE FOR ELECTRONICS AND INFORMATION TECHNOLOGY (SHRI RAJEEV CHANDRASEKHAR)

Advertisement. Scroll to continue reading.

(a) and (b): The Government is well aware of cyber security threats as the Internet expands and more & more Indians get connected and use Internet. Indian Computer Emergency Response Team (CERT-In) is mandated to track and monitor cyber security incidents in India. CERT-In has reported that a total number of 1158208 and 1213784 cyber security incidents are observed during the year 2020 and 2021 (upto October) respectively. Out of this, a total number of 54314 and 32736 cyber security incidents were related to Government organizations during the year 2020 and 2021 (upto October) respectively.

(c): Government is fully cognizant and aware of various cyber security threats; and has taken following measures to enhance the cyber security posture and prevent cyber-attacks:

  1.  The Indian Computer Emergency Response Team (CERT-In) issues alerts and advisories regarding latest cyber threats/vulnerabilities and countermeasures to protect computers and networks on regular basis.
  2. Government has issued guidelines for Chief Information Security Officers (CISOs) regarding their key roles and responsibilities for securing applications / infrastructure and compliance.
  3. All the government websites and applications are audited with respect to cyber security prior to their hosting. The auditing of the websites and applications is conducted on a regular basis after hosting also.
  4. CERT-In conducts regular training programmes for network / system administrators and Chief Information Security Officers (CISOs) of Government and critical sector organisations regarding securing the IT infrastructure and mitigating cyber-attacks. 15 and 17 training programs were
    conducted covering 708 and 4801 participants during the year 2020 and 2021 (till October 2021) respectively.
  5. Government has formulated a Cyber Crisis Management Plan for countering cyber-attacks and cyberterrorism for implementation by all Ministries/ Departments of Central Government, State Governments and their organizations and critical sectors.
  6. Cyber security mock drills are conducted regularly in Government and critical sectors. 61 such drills have so far been conducted by CERT-In where 600 organisations from different States and sectors participated.
  7. Government is operating the Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre). The centre is providing detection of malicious programs and free tools to remove the same.
  8. Government has set up the National Cyber Coordination Centre (NCCC) to generate necessary situational awareness of existing and potential cyber security threats. Phase-I of NCCC is
    operational.
  9. CERT-In co-operates, works and coordinates incident response measures with international CERTs, overseas organisations and service providers as well as Law Enforcement Agencies.
  10. National Critical Information Infrastructure Protection Centre (NCIIPC) provides near real time threat intelligence and situational awareness based on which regular alerts and advisories are sent to Critical Information Infrastructure (CII) / Protected System (PS) entities.
  11. Ministry of Home Affairs (MHA) has issued National Information Security Policy and Guidelines (NISPG) to all Ministries and Government Departments for implementation.
  12. To deal with cybercrimes in a coordinated & comprehensive manner, Government has launched the online National Cyber Crime Reporting Portal, ‘www.cybercrime.gov.in’ to enable citizens to report complaints pertaining to all types of cyber crimes with special focus on cyber crimes against women and children.

Also read:

Written By

I cover several beats such as crypto, telecom, and OTT at MediaNama. I will be loitering at my local theatre and consuming movies by the dozen when I am off work.

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.

Views

News

Looking at the definition of health data, it is difficult to verify whether health IDs are covered by the Bill.

News

The accession to the Convention brings many advantages, but it could complicate the Brazilian stance at the BRICS and UN levels.

News

In light of the state's emerging digital healthcare apparatus, how does Clause 12 alter the consent and purpose limitation model?

News

The collective implication of leaving out ‘proportionality’ from Clause 12 is to provide very wide discretionary powers to the state.

News

The latest draft is also problematic for companies or service providers that have nothing to with children's data.

You May Also Like

News

Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...

Advert

135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...

News

Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...

News

By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Name:*
Your email address:*
*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ