Indian Government Organizations: A Favorite Target for Hackers

Over the last few years, the cybersecurity situation in India has become quite volatile. While spending on cybersecurity has increased significantly, the number of cyber attacks shows no signs of slowing down. According to official estimates, the number of ransomware attacks in India has increased by 120 percent. Despite growing vigilance among public and private organizations in India, power companies, telecom vendors, oil and gas companies, diagnostic laboratories, and even restaurant chains have fallen victim to cyber attacks.

Moreover, government institutions in India have become one of the most popular targets among cybercriminals these days. According to data provided by the Computer Emergency Response Team of India (CERT-In), there were more than 6.07 million cyber security incidents in the first half of 2021, of which around 12,000 involved government organizations. In this blog, we will discuss the major cyber attacks that have targeted Indian government organizations and the steps taken by the government to prevent these occurrences.

Major Cyber Attacks on the Indian Government

Over the past decade, India has seen a series of vicious and devastating cyber attacks on various government institutions and critical infrastructure. Here are some examples of such attacks:

Government Website Defaced

Recently, there has been a series of cyber attacks targeting more than 70 private and public sector websites in India. Popular hacktivist group DragonForce Malaysia has taken credit for this campaign, which involves carrying out several large-scale "injection" attacks. As a result of this spate of attacks, many government websites were defaced, while several others were down for more than 48 hours. Affected government sites included the Indian Embassy in Israel, the National Institute of Agriculture and educational institutions such as Delhi Public School.

Attack on Kolkata International Airport

In 2019, the Kolkata International Airport faced a massive cyber attack that targeted nearly one-third of its infrastructure. The attack led to the shutdown of the LAN and the erasure of flight information display panels, flight handling terminals and CCTV surveillance. The chaos caused by the attack resulted in 30 flights being delayed and about 4,000 passengers stranded. The situation forced the CISF to deploy additional personnel, and IT experts took more than nine hours to resolve the issue and successfully restart the system.

Cyber Espionage Campaign by Pakistani Group APT

In mid-2019, a Pakistan-aligned advanced persistent threat (APT) group targeted the critical infrastructure of Indian public enterprises in the telecommunications, energy and finance sectors. The attack was suspected to be cyber espionage aimed at obtaining sensitive information for a competitive advantage against India. As part of the campaign, these Pakistani government-linked hackers sent phishing emails to Indian government employees. They also created fake government and military websites and sent government-themed document attachments to deliver the malware.

Compromise of Prime Minister Narendra Modi's Twitter Account

In September 2020, Indian Prime Minister Narendra Modi's Twitter account was compromised by an unknown group. This account updates the Prime Minister's mobile app and personal website. Hackers used Modi's compromised account to tweet that India had officially adopted Bitcoin as legal tender. Additionally, the fraudulent tweet contained a link that promised to give away free bitcoins. The tweet stated that the government had purchased 5,500 bitcoins and was going to distribute them to the people of the country.

Power Outage in Mumbai

On 12 October 2020, Mumbai, the financial capital of India, suffered a massive power outage. As a result, water supplies were affected, train services were canceled and hospitals had to depend on generators. Navi Mumbai and Thane struggled to continue their daily operations until the issue was resolved two hours later. The incident was suspected to have been caused by 14 Trojan horses, a type of malware, that could have infected the servers of the Maharashtra State Electricity Transmission Company. Cyber security experts have pointed the finger at the Chinese People's Liberation Army (PLA) as the party responsible for the attack.

COVID-19 Lab Results Leaked

In January 2021, personal data including the results of COVID-19 laboratory tests of thousands of people in India was leaked online from a government server. Leaked personal information included names, dates of birth, addresses, phone numbers, and COVID-19 test results. All of this data was made available to the public and could be easily accessed with a simple Google search. Additionally, the leaked data was put up for sale on a website called Raid Forums, where the cybercriminal claimed to have the personal data of more than 20,000 Indians.

PII of Police Personnel at Risk

In February 2021, the Personally Identifiable Information (PII) of 500,000 Indian citizens who participated in a police examination conducted in December 2019 was put up for sale online. The leaked data belonged to the candidates of the preliminary examination conducted by the Bihar Police Subordinate Services Commission (BPSSC) for the post of Sergeant/Sub-Inspector/Assistant Jail Warden. The compromised information included candidates' full names, dates of birth, email IDs, FIR records and criminal history.

What is the Government of India Doing to Prevent Cybercrime?

As we have already established from the above examples, India's national critical infrastructure and government institutions have never been more vulnerable to cyber attacks than they are today. Looking at the current situation, the Indian government has already started investing time, effort and money in strengthening the country's security infrastructure. It has introduced a number of initiatives and taken many steps to strengthen the current cyber security environment in the country.

Moreover, with a strong belief that creating cyber security awareness among the public is critical to cybercrime prevention, India's Ministry of Home Affairs (MHA) has launched the Cyber Jagrukta Divas initiative. Under this initiative, all the government organizations falling under the ministry’s purview are requested to celebrate Cyber Jagrukta Divas on the first Wednesday of every month by generating cybersecurity awareness amongst employees.
