In the last five years, cyber security incidents like hacking, breaching computer systems among others witnessed an almost eight-fold increase in India. In 2019, as per information tracked by the Indian Computer Emergency Response Team (CERT-In), nearly 3.94 lakh cyber security incidents were reported as against 49,455 incidents in 2015, 50,362 in 2016, 53,117 in 2017, 2,08,456 in 2018 and 3,94,499 incidents in 2019.
According to the CERT-In, 54 websites of Central Ministries, departments and State Governments were hacked in 2019, against 110 sites in 2018. These cyber attacks originated from Pakistan, Algeria, Brazil, China, France, Netherlands, North Korea, Russia, Serbia, South Korea, Taiwan, Thailand, Tunisia, USA and Vietnam.
In a written reply to the Lok Sabha, Minister of State for Electronics and Information Technology Sanjay Dhotre said as per the information reported to and tracked by CERT-In cyber security incidents are observed across sectors such as academia, e-commerce, energy, entertainment, finance, Government, healthcare, information and technology, manufacturing, telecom and transportation. “With the increase in the proliferation of Information Technology and related services there is a rise in cyber security incidents in the country as well as globally,” Dhotre said.
“There have been attempts from time to time to launch cyber-attacks on Indian cyber space. It has been observed that attackers are compromising computer systems located in different parts of the world and use masquerading techniques and hidden servers to hide the identity of actual systems from which the attacks are being launched,” the ministry said in its reply. Measures include audit of government websites and applications, formulation of a crisis management plan for countering cyber attacks, and the launch of botnet cleaning and malware analysis centre ‘Cyber Swachhta Kendra’.
Kundankulam Nuclear Power Plant (KNPP) came under a cyberattack in October last year. The damage was in the form of data theft, the same data can be used to enhance future attacks on the power plant. The malware was linked by experts to the North-Korean group Lazarus, infected a computer in the plants external network, rather than the operational one.
According to reports, even ISRO faced attacks prior to the Chandrayan-2 mission. The most prominent trend was the drastic increase in the volume, intensity, and sophistication of cyber-attack campaigns targeting Indian enterprises in 2019. According to a research, Indian organisations have faced over three times more cyberattack than the global average, with cryptocurrency mining malware impacting most of the entities.
According to a CISCO Annual Cyber Security Report, 53% of all cyber attacks led to financial damages of more than $500K (including lost revenue, customers, opportunities, and out-of-pocket costs among others) for organisations in 2018.
