Almost 300% rise in cyber attacks in India in 2020, govt tells Parliament | Latest News India - Hindustan Times
close_game
close_game

Almost 300% rise in cyber attacks in India in 2020, govt tells Parliament

ByNeeraj Chauhan
Mar 23, 2021 04:16 PM IST

The ministry did not elaborate on the attacks or the profile of attackers. But cyber experts said the spike could be linked to an increase in online activity last year particularly during the lockdown imposed to check the Covid-19 spread

Cyber attacks amid the Covid-19 pandemic rose by almost 300% last year in the country to reach 1,158,208 compared to 394,499 in 2019, the Union home ministry told Parliament on Tuesday, citing the data from Computer Emergency Response Team (CERT-In).

Representational Image. (Getty Images/iStockphoto)
Representational Image. (Getty Images/iStockphoto)

The ministry did not elaborate on the attacks or the profile of attackers. But cyber experts said the spike could be linked to an increase in online activity last year particularly during the lockdown imposed to check the Covid-19 spread. The experts blamed a lack of cybersecurity awareness for phishing and malware attacks.

Hindustan Times - your fastest source for breaking news! Read now.

“CERT-In receives inputs from its situational awareness systems and threat intelligence sources about malware infections in networks of entities across sectors. Whenever any incident comes to notice of CERT-In, it issues alerts and advisories to the entities concerned and sectoral CERTs for remedial measures,” Union minister of state for home affairs G Kishan Reddy told Parliament. He was responding to a query on cyber attacks on India’s power supply and on a company supplying Covid-19 vaccines.

Also Read | After power sector, transport ministry gets alert about attempted cyberattack

Earlier this month, American cyber intelligence company Recorded Future said it uncovered a suspected China-linked cyber operation that was focused on India’s electricity grid and other critical infrastructure. While the company did not link a wide power outage in Mumbai to the operation, which it titled RedEcho, it did not rule out a link. Recorded Future said RedEcho deployed malware known as ShadowPad, which has been previously linked to Chinese cyber soldiers.

Reddy said the government has issued guidelines to chief information security officers regarding their key roles and responsibilities for securing applications/infrastructure and compliance. “All the government websites and applications are audited with respect to cybersecurity prior to their hosting. The auditing of the websites and applications are conducted on a regular basis after hosting also. [The] government has empanelled security auditing organisations to support and audit [the] implementation of information security best practices.”

Reddy said the government has formulated a Cyber Crisis Management Plan for countering cyber attacks for implementation by all ministries/ departments of the central government, state governments, and their organisations.

He added the government is operating the Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre). “The centre is providing detection of malicious programmes and free tools to remove the same.” Reddy said the government has set up the National Cyber Coordination Centre to generate necessary situational awareness of existing and potential cybersecurity threats.

Pavan Duggal, a cyber law expert said, there are mainly two reasons for the increase in cyber-attacks last year. “...first, the fear and panic due to Covid-19, which cyber-criminals were able to weaponize to their benefit. Secondly, the work-from-home ensured that cyber security did not get the kind of attention it was supposed to get. It was far easier to breach the systems at home than at the workplace. But, keeping numbers aside, this can be called the golden age of cyber-crimes. The cyber breaches will be a new normal now with both state and non-state actors involved.”

HT on Monday reported the Union transport ministry on Sunday received an alert from the Cert-IN regarding “targeted intrusion activities” directed towards the country’s transport sector with “possible malicious intentions”. This came after a slew of cybersecurity attacks on the Indian government’s domains over the past few months.

On February 25, HT reported about new phishing emails using compromised government accounts to target groups of officials, attempting to lure them into sharing their passwords on a page that mirrored the government’s official mail server sign-on website.

On February 21, HT also reported that the devices of multiple former defence personnel may have been compromised in a phishing attack launched through similar attacks carried out by government domain email addresses.

Last year, the National Highways Authority of India reported a cyberattack on its email server and said prompt action resulted in no data loss. It shut down its server then as a precaution.

Unveiling Elections 2024: The Big Picture', a fresh segment in HT's talk show 'The Interview with Kumkum Chadha', where leaders across the political spectrum discuss the upcoming general elections. Watch now!

Get Current Updates on India News, Election 2024, Mukhtar Ansari Death News Live, Bihar Board 10th Result 2024 Live along with Latest News and Top Headlines from India and around the world.
SHARE THIS ARTICLE ON
Share this article
SHARE
Story Saved
Live Score
OPEN APP
Saved Articles
Following
My Reads
Sign out
New Delhi 0C
Friday, March 29, 2024
Start 14 Days Free Trial Subscribe Now
Follow Us On