More than 1.5 lakh Indian websites have been hacked in the six years ending 2020, an average of over 26,000 websites each year or 72 every day, analysis of official data shows.
A report released on March 4 by Recorded Future, a US-based company, said that other than 10 power sector assets, including state-run NTPC and Power Sector Operation Corporation Ltd (POSOCO), two ports, oil and gas assets and Indian Railways were also exposed to cyber-attacks by Chinese group RedEcho. Earlier there were reports of hacking attempts/attacks carried out on power utilities and vaccine institutes in the country by China-based groups.
Given the fact that digital systems nowadays are interconnected or inter-linked, any computer network is vulnerable to cyber-attacks, according to Sameer Patil, International Security Studies Programme Fellow at the Gateway House, a Mumbai-based think tank, and former Assistant Director at the National Security Council Secretariat in the Prime Minister’s Office. Many systems that were earlier not online are now connected to the internet to carry out remote operations and hence are vulnerable, he said.
In the past six years, 2016 recorded the most (33,147) website attacks while 2018 reported (17,560) the fewest.
“There have been attempts from time to time to launch cyber-attacks on Indian cyber space,” Sanjay Dhotre, Minister of State for Electronics and Information Technology had said in a reply to the Rajya Sabha on February 11, while sharing the above data. “It has been observed that attackers are compromising computer systems located in different parts of the world and use masquerading techniques and hidden servers to hide the identity of actual systems from which the attacks are being launched.”
Official tracing and analysis reveals that the Internet Protocol or IP addresses of the computers from where the attacks originate belong to various countries, including Algeria, Brazil, China, France, Indonesia, Netherlands, North Korea, Pakistan, Russia, Serbia, South Korea, Taiwan, Thailand, Tunisia, Turkey, the US and Vietnam, Minister Dhotre said in his reply.
In 2019, 54 websites of central ministries, departments and State governments were hacked, down from 110 in 2018 and 172 in 2017.
With the recent revelations of rising cyber-attacks and attempts on government installations and utilities, experts warn that India needs to take cyber security seriously. North Korea, Russia and China are notorious in carrying out such attacks, says Atul Kahate, a cryptography and network security expert.
“Increasingly, countries are resorting to cyber warfare as against traditional warfare, since it can be launched from a cosy AC room and it is difficult to detect or stop. Also, areas such as electricity / water / sanitation / transportation / research are being attacked. With the advent of the Internet of Things (IOT), this is going to become worse,” Kahate said.
Patil notes that “it is not just Indian cyberspace that is vulnerable; even the leaders in this domain like the US are often attacked by Chinese or Russia based groups, which are quite successful many a time. It is an evolving space and no system can be said to be foolproof, as adversarial actors continue to innovate and find gaps in the cybersecurity posture.”
Recently, another investigation found that hackers targeted State Bank of India users with a text phishing scam, requesting them to redeem credit points. The domain name of the website was traced to India with the registrant State as Tamil Nadu.
Over the three years ending 2020, more than 6.9 lakh cyber security incidents pertaining to digital banking such as phishing, network scanning and probing, viruses and website hacking have been reported. These reported incidents increased by more than 80 percent in 2020 over 2018.
Overall, more than 14.5 lakh cybersecurity incidents, such as phishing, unauthorised network scanning, virus/malicious code, website defacements, intrusion and malware propagation, have been reported across the country over the five years ending August 2020. Cyber security incidents reported between January and August 2020 show a 76 percent increase compared to the total incidents recorded in the whole of 2019.
With regard to these incidents, Minister Dhotre, in his reply in September 2020 to the Lok Sabha, had said that the rise in the number of cyber security incidents in the country and globally is as a result of internet proliferation and mobile phone usage.
What hackers target
Hackers target four areas, explains Kahate. First, they attack the vulnerability in the basic software. For instance, many ATMs in India still use the Windows XP operating system (for which Microsoft no longer offers support); second, wrong configuration of software; third, human errors (using weak passwords or not being rigorous about standards and protocols); and fourth, exploiting fear/greed of humans by laying honeytraps or phishing attacks.
“Lack of cyber hygiene increases the vulnerability to attacks and people in India are prone to such threats,” says Patil. “Here’s where social engineering attacks are successful as people divulge digital credentials or sensitive information such as credit card details etc.”
Experts’ say India needs to be alert and government authorities should always update themselves with the latest developments in the space. Any laxity could have severe consequences in the future, they warn.