From Covid vaccine research centers to banks and financial institutions to PSU major Oil India Limited, a number of institutions have come under cyberattacks over the two years of the pandemic, Lt. Gen. (Dr) Rajesh Pant, the country’s top cybersecurity coordinator, told The Indian Express.
While these attacks “have been successfully foiled,” Lt. Gen. Pant said, they have underscored the need for constant vigilance and global cooperation.
Last week, Lok Sabha was informed that there had been 674,021 cyberattacks in the country this year through June – nearly 3,700 cyberattacks per day, making India the third most targeted country by network attacks in the world.
Building on this, Lt. Gen. Pant, the national coordinator for cybersecurity at the National Security Council Secretariat (NSCS), said healthcare and banking were among the hardest-hit sectors.
Lt-Gen Pant said the attack on Oil India in Assam in April 2022 was one of the “most serious” incidents of ransomware attacks. “There were over 200 Oil India computers encrypted during the attack and Oil India operations were shut down for almost a week.”
A ransom of Rs 120 crore in bitcoins was demanded from Oil India with threats of doubling it. There were no negotiations or payments, Lt. Gen. Pant said.
The power supply restarted its operations by switching to a different software and also hiring a US cybersecurity firm to get operations running again.
There has been a huge increase in malware attacks, and among the targets were at least half a dozen incidents targeting Covid vaccine research centers and institutions conducting academic studies on immunization.
Incidentally, vaccine research and distribution centers in the UK and Germany have also faced ongoing cyber threats.
The banking and financial sector has seen multiple malware and ransomware attacks in the past three months, Lt. Gen. Pant said, at both private and credit union banks.
Although he refused to identify these banks, he confirmed that the attacks were “neutralized” and logged as “cybersecurity incidents” at CERT-IN (Indian Computer Emergency Response Team). The figures for such incidents last year amounted to 1,402,809 attacks.
Demanding ransoms in digital currency, primarily bitcoins, is a well-known pattern after cyberattacks, Lt. Gen. Pant explained.
“Hundreds” of email spoofing incidents have also been reported at the National Informatics Center (NIC), but no major breach has occurred, he said.
Lt. Gen. Pant said that the national cybersecurity strategy is likely to be announced soon, and the National Critical Information Infrastructure Protection Center and I4C (Indian Cybercrime Coordination Center) have also been established. “We work with several agencies,” he said.
“Beer maven. Creator. Tv fanatic. Internet scholar. Award-winning web junkie. Avid alcohol expert. Friendly writer. Gamer.”