2023 Ransomware Attack on Indian Defence Unit: A DoPT Report Insight

What’s in today’s article?

• Why in News?
• Cyber Attacks
• Key Highlights from the 2023-24 DoPT Report

Why in News?

• According to the 2023-24 annual report of the Department of Personnel Training (DoPT), a crucial defence unit was affected by a ransomware attack in 2023. 
• The CBI investigated multiple cybercrimes with national security implications, including ransomware, a massive DDOS attack on critical infrastructure, and a malware breach within a Ministry.

Cyber Attacks

• About
  • A cyber attack is a malicious attempt by individuals or groups to disrupt, damage, or gain unauthorized access to computer systems, networks, or data. 
  • These attacks can result in data breaches, financial losses, and compromised security, affecting individuals, organizations, and even national infrastructures.
• Types of Cyber Attacks
  • Phishing
    • In phishing attacks, attackers deceive users into providing sensitive information like login credentials or financial details through fake emails or websites. 
    • For example, in a 2020 attack, hackers used phishing emails to impersonate World Health Organization officials, exploiting COVID-19 fears.
  • Ransomware
    • Ransomware is a type of malware that locks or encrypts data, demanding ransom for access restoration. 
    • E.g., the WannaCry ransomware attack of 2017 affected organizations worldwide, including the UK’s National Health Service, halting critical healthcare services.
  • Distributed Denial-of-Service (DDoS)
    • In DDoS attacks, attackers flood a server with excessive traffic, overwhelming it and making services unavailable.
    • A DDOS attack disrupted the planned live interview between Elon Musk and Donald Trump on X during the US Presidential election 2024.
  • Malware
    • Malware includes viruses, worms, and spyware that can disrupt systems, steal data, or damage files. 
    • For instance, the 2010 Stuxnet worm targeted Iran’s nuclear facilities, sabotaging centrifuges and slowing nuclear development.
• Challenges
  • Evolving Attack Methods
    • Attackers continually innovate, making it difficult for defenses to keep pace. 
    • Ransomware has evolved to double extortion, where attackers also threaten to release sensitive data if the ransom is unpaid.
  • Lack of Skilled Cybersecurity Professionals
    • The demand for skilled cybersecurity experts often outpaces supply, leaving gaps in defense for many organizations.
  • Cross-Border Complexity
    • Many cyber attacks originate outside national borders, complicating law enforcement efforts and international collaboration.
  • Rising Costs and Impact on Critical Infrastructure
    • Cyber attacks can impose heavy financial costs on affected entities and disrupt essential services. 
    • For example, a 2023 ransomware attack on a critical Indian defense unit underscored the risks to national security posed by such incidents.

Key Highlights from the 2023-24 DoPT Report

• Ransomware Attack on Defence Unit and Surge in Cyber Crimes
  • A crucial defence unit was affected by a ransomware attack in 2023. 
  • The CBI investigated multiple cybercrimes with national security implications, including ransomware, a massive DDOS attack on critical infrastructure, and a malware breach within a Ministry.
• Data Breach and Rising Cybersecurity Threats
  • In October 2023, Resecurity reported a major data leak at the Indian Council of Medical Research (ICMR), exposing Aadhaar and passport information of 81 crore Indians. 
  • CERT-In documented 15,92,917 cybersecurity incidents in 2023, including website intrusions, phishing, and data breaches—a significant rise from 53,117 incidents in 2017. 
  • Remedial measures were implemented in collaboration with stakeholders.
• Cross-Border Cyber Fraud Investigations and International Collaboration
  • The CBI partnered with international agencies, including the FBI, Royal Canadian Mounted Police, and Singapore police, to dismantle fraud networks operating from India. 
  • Notable cases involved cryptocurrency scams, call centre fraud targeting U.S. and Canadian citizens, and crypto fraud linked to Australian tax evasion.
• Cyber Crime Impact on Indian Citizens and Financial Fraud Investigations
  • The CBI tackled cyber fraud impacting Indian citizens, including app-based investment scams originating in neighboring countries. 
  • An IMPS fraud case initiated by RBI involved ₹820 crore in reversed transactions across banks.
• Revised Cybersecurity Oversight and Coordination Roles
  • In September 2023, the Cabinet Secretariat revised the Allocation of Business Rules. 
  • The National Security Council Secretariat, under NSA Ajit Doval, was assigned to lead cyber security coordination.
  • The Ministry of Electronics and Information Technology was designated to secure telecom networks and the Ministry of Home Affairs to handle cybercrimes.

Q.1. What cybersecurity challenges does India face in critical infrastructure?

India faces growing cybersecurity threats, including ransomware, DDoS attacks, and data breaches in critical sectors. Such attacks expose vulnerabilities, highlighting the urgent need for robust defenses and skilled professionals.

Q.2. How has India responded to rising cybercrime incidents?

In response to rising cybercrime, India has strengthened collaboration with international agencies, designated cybersecurity roles among ministries, and implemented remedial measures to manage threats across sectors.

Source: Crucial defence unit was hit by ransomware attack in 2023: DoPT report