Nearly 7 lakh cyber attacks in 2020, IT Ministry tells Parliament
The Ministry of Electronics and Information Technology said proactive tracking by CERT-In and improved cyber security awareness among individuals and organisations across sectors has led to increased reporting of incidents,
The Ministry of Electronics and Information Technology (MeITY) told the Parliament on Monday that Indian citizens, commercial and legal entities faced almost 7 lakh cyber attacks till August this year.
The Indian Computer Emergency Response Team (CERT-In) has “reported 49,455, 50,362, 53,117, 208,456, 394,499 and 696,938 cyber security incidents during the year 2015, 2016, 2017, 2018, 2019 and 2020 (till August) respectively”, the MeITY said while responding to an unstarred question in the Lok Sabha regarding cyber-attacks on Indian citizens and India-based commercial and legal entities.
However, countering the claim that India is among the top five countries with the greatest number of cyber-attacks, the Ministry said that such “vendor reports” are not validated. However, according to a NITI Aayog report by member VK Saraswat, “India ranks 3rd in terms of the highest number of internet users in the world after USA and China, the number has grown 6-fold between 2012-2017 with a compounded annual growth rate of 44%”.
“With proliferation in internet and mobile phone usage, there is a rise in number of cyber security incidents in the country as well as globally. Proactive tracking by CERT-In including its Cyber Swachhta Kendra and National Cyber Coordination Centre (NCCC) and improved cyber security awareness among individuals and organisations across sectors has led to increased reporting of incidents,” MeITY said in its response.
The government also highlighted steps taken to counter the attacks.
“The Indian Computer Emergency Response Team (CERT-In) regularly issues alerts and advisories regarding latest cyber threats/vulnerabilities and countermeasures to protect computers and networks on regular basis.
Government has issued guidelines for Chief Information Security Officers (CISOs) regarding their key roles and responsibilities for securing applications / infrastructure and compliance. Government has empanelled 90 security-auditing organisations to support and audit implementation of Information Security Best Practices,” the ministry said.
The ministry said the government has also formulated “Cyber Crisis Management Plan for countering cyber-attacks and cyber terrorism” for implementation by all Ministries/ Departments of Central Government, State Governments and their organizations and critical sectors”.
It has also conducted 49 mock cyber drills to assess preparedness in sectors such as Finance, Defence, Power, Telecom, Transport, Energy and Space.
“Government has initiated setting up of National Cyber Coordination Centre (NCCC) to generate necessary situational awareness of existing and potential cyber security threats and enable timely information sharing for proactive, preventive and protective actions by individual entities. Phase-I of NCCC has been made operational,” said the response adding that it was in the process of formulating a national cyber security policy.
According to Raman Jit Singh Chima, Global cybersecurity lead and Asia Pacific Policy Director at Access Now, the lack of clarity regarding who manages the cyber-security scenario of India has thrown up way lesser numbers than the actual cyber-attacks.
“These are voluntarily reported incidents,” said Chima. “These include both state and non-state attacks that one govt agency - CERT-IN - is aware of. However, there is no legal requirement in India to declare a data breach. On an average, according to industry report, data breaches cost Indian firms an average of ₹14 crore.”
Chima added that the government needed to expedite the national security policy, explain their position on attributing state cyber attacks, and make it legally binding to report data breaches and cyber incidents in India.
“This is useful initial data but the government should also take note of how many incidents have been found by the National Critical Information Infrastructure Protection Centre to assess how much critical infrastructure has been targeted. They should make this information public and also disclose if any of the attacks can be attributed to other countries, which is a part of the MP’s questions.”