Ransomware incidents targeting ‘critical infrastructure’ have grown

Taking cognisance of the growing cybersecurity threats, the Centre said that the country has seen a rise in ransomware attacks involving commercial and critical infrastructure.

Minister of State for Electronics and Information Technology Rajeev Chandrasekhar made the statement in Lok Sabha.

“Ransomware incidents have grown over time with attacks across multiple sectors, including commercial and critical infrastructure. Threat actors have modernised their attack methodologies, evolved sophisticated tactics and adopted a wide range of attack campaigns,” said Chandrasekhar in a written reply.

The minister did not divulge any additional data on the extent to which such ransomware attacks had taken place at any Indian critical infrastructure.

The MoS said that the ministry has taken a series of steps – from awareness to formulating a cyber crisis management plan – to deal with the rising number of cyberattacks.

The minister also informed the Parliament that 74 mock cybersecurity drills have been conducted so far by the Indian Computer Emergency Response Team (CERT-In) at 990 central and state-level organisations to assess their preparedness in the event of a cyberattack.

Chandrasekhar added that 41 programmes, covering 11,377 system administrators and the Chief Information Security Officers of critical organisations, have been undertaken between 2021 and 2022 (till November) to mitigate cybersecurity issues.

On the recent AIIMS ransomware attack, he added that five servers of the medical institution were compromised by unknown threat actors, which disrupted critical operations on ground.

The barrage of questions come nearly a month after the operations at the AIIMS Delhi came to a grinding halt due to a ransomware attack that knocked down its servers. Ransomware attacks allow a malicious actor to exploit vulnerabilities in a system and gain access to the infrastructure of organisations.

While a recent report stated that Chinese hackers were involved in the AIIMS attack, there have been numerous reports about attempts made by hackers from Russia, China, and North Korea to hack the servers of Indian healthcare firms such as Serum Institute of India (SII), Bharat Biotech and Dr Reddy’s Labs.

A senior Google executive recently estimated that India recorded 18 Mn cyberattacks and 2 Lakh online threats daily in the first quarter of 2022. Inc42