Attempts from time to time to launch attacks on Indian cyberspace: Govt

The Ministry of Electronics and Information Technology (MeitY) confirmed on Friday that there are attempts from time to time to launch cyber attacks on Indian cyberspace. "Government is fully cognizant and aware of various cyber security threats," wrote minister of state for MeitY Rajeev Chandrasekhar in a written reply in the Rajya Sabha on Friday. 

Chandrasekhar explained that Indian Computer Emergency Response Team (CERT-In) is mandated to track and monitor cyber security incidents in India. CERT-In co-operates, works and coordinates incident response measures with international CERTs, overseas organizations and service providers as well as law enforcement agencies.

"CERT-In has reported that a total number of 5461, 33514, 70798, 85797, 54314 and 48285 cyber security incidents related to Government organisations during the year 2016, 2017, 2018, 2019, 2020 and 2021 respectively," wrote Chandrasekhar.

He conveyed that it has been observed that such attackers compromise computer systems located in different parts of the world and use masquerading techniques and hidden servers to hide the identity of actual systems from which the attacks are launched.

Chandrasekhar further added that according to the logs analysed and made available CERT-In, the Internet Protocol (IP) addresses of the computers from where the attacks appear to be originated belong to various countries including Algeria, Brazil, China, France, Germany, Hong Kong, Indonesia, Netherlands, North Korea, Pakistan, Russia, Serbia, South Korea, Taiwan, Thailand, Tunisia, Turkey, USA, Vietnam etc. 

He also explained that the government has taken measures to effectively address cyber threats including hybrid threats. These include formulating a Cyber Crisis Management Plan (CCMP) to counter cyber-attacks and cyber-terrorism. It is for implementation by all ministries, government departments and their organisations. The plan also covers hybrid threats and influence via cyber channels.

CERT-In also conducts workshops for ministries, government departments and critical organisations to sensitise them about the cyber security threat landscape, which includes cyber vectors of hybrid influence. A total of 128 workshops have been conducted so far, out of these 31 CCMP workshops conducted during the year 2021.

"Cyber security mock drills and table top exercises are conducted regularly to enable assessment of cyber security posture and preparedness of organisations in Government and critical sectors which includes cyber vectors of hybrid influencing," wrote Chandrasekhar. He added that 64 such drills are conducted by CERT-In where 820 organizations from different States and sectors participated. 

Also read: Seven hackers aged 16 to 21 arrested in connection with cyber crime gang Lapsus

Also read: As cybersecurity talent becomes rare, Indian companies struggle to play catch-up