Computer Emergency and Response Team – India (CERT-In) recorded over 1.45 million cybersecurity incidents including breaches and hacks between 2015 and 2020. According to the India’s Ministry of Electronics and Information Technology (MeITY), Cert-In reported 49,455, 50,362, 53,117, 208,456, 394,499 and 696,938 cybersecurity incidents during the year 2015, 2016, 2017, 2018, 2019 and 2020 (till August) respectively.
The figures were out after the ministry was asked about growing cyberattacks targeting Indian citizens as well as commercial and legal entities. According to the Internet Crime Report for 2019, released by the U.S. Internet Crime Complaint Centre of the Federal Bureau of Investigation, India stands third in the world among the top 20 countries that are victims of internet crimes. Reports also suggest that the number of internet users in India has grown six-fold between 2012-2017 with a compound annual growth rate of 44%.
“With the proliferation in the internet and mobile phone usage, there is a rise in the number of cybersecurity incidents in the country as well as globally. Proactive tracking by CERT-In including its Cyber Swachhta Kendra and National Cyber Coordination Centre (NCCC) and improved cybersecurity awareness among individuals and organizations across sectors has led to increased reporting of incidents,” according to NITI Aayog report by member VK Saraswat.
To combat the attacks, the government has also taken up several initiatives. These include:
- Regularly issuing alerts and advisories regarding the latest cyber threats/vulnerabilities and countermeasures.
- Issuing guidelines for Chief Information Security Officers (CISOs) regarding their key roles and responsibilities for securing applications/infrastructure and compliance.
- Empaneling 90 security auditing organizations to support and audit the implementation of Information Security Best Practices.
- Formulating Cyber Crisis Management Plan for countering cyberattacks and cyber terrorism for implementation by all Ministries/ Departments of Central Government, State Governments, and their organizations and critical sectors.
- Conducting mock drills to enable assessment of cybersecurity posture and preparedness of organizations in Government and critical sectors.
- Conducting regular training programs for network/system administrators and Chief Information Security Officers (CISOs) of Government and critical sector organizations regarding securing the IT infrastructure and mitigating cyberattacks.
- The government has also launched the Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre). The center is providing detection of malicious programs and free tools to remove the same.
- Setting up of the National Cyber Coordination Centre (NCCC) to generate necessary situational awareness of existing and potential cybersecurity threats and enable timely information sharing for proactive, preventive, and protective actions by individual entities.
India Reports Twice as Many Attacks Compared to Other Countries
The recent Acronis Cyber Readiness Report 2020, from cybersecurity firm Acronis revealed how organizations are mitigating the effects caused by the pandemic to their business operations and security posture. The report revealed that 56% of organizations stated that their IT costs have increased significantly in the past months. India reported nearly twice as many cyberattacks as any other country, followed by the U.S. and the UAE.
“Adaptation of digitization is taking place at a faster pace, be it in businesses or in other walks of life. It is expected that we will be soon transiting wholly to newer technologies like cloud computing, Artificial Intelligence, Internet of Things, and 5G spectrum, which will naturally expand our dependency on digitization multifold. However, in the absence of stringent cybersecurity infrastructure, cyber threats can be disastrous for our entire social fabric. There has been a recent surge in cyberattacks on Indian digitals cape that are only increasing in scope and sophistication, targeting sensitive personal and business data and critical information infrastructure, with an impact on the national economy and security. Cyberwarfare is relentless in trying to erode the security fortification of several sectors in the country. This is certainly a wakeup call for India to have stronger policies in place,” said Nikhil Korgaonkar, Regional Director, India & SAARC at Arcserve.