Over 26,100 Indian websites were hacked in 2020 as per the data recorded by the state-owned Indian Computer Emergency Response Team (CERT-In), the minister of state for electronics and IT Sanjay Dhotre informed the parliament on Thursday (March 18).
Dhotre also highlighted that 110 central ministry websites were hacked last year, along with 54 departmental websites and 59 state government websites. The source of the data was the state-run cybersecurity department CERT-In, which also reported that 17,560 websites were hacked in 2018 and 24,768 were hacked in 2019.
Commenting on the same, the minister added that attempts have been made to launch cyber attacks on Indian cyberspace from time to time. He noted that the attackers compromised computer systems from around the world by relying on masquerading techniques and hidden servers to anonymously attack a system.
“According to the logs analysed and made available to CERT-In, the internet protocol (IP) addresses of the computers from where the attacks appear to be originated belong to various countries, including Algeria, Brazil, China, France, Germany, Hong Kong, Indonesia, Netherlands, North Korea, Pakistan, Russia, Serbia, South Korea, Taiwan, Thailand, Tunisia, Turkey, USA, Vietnam etc,” Dhotre elaborated.
He also noted that the government has undertaken several measures to prevent cybersecurity threats, including Cyber Swachhta Kendra (or botnet cleaning and malware analysis centre), formulation of cyber crisis management plan, and empanelment of security auditing organisations to support and audit the implementation of best practices.
It is important to note that the Indian government was expected to unveil an official cybersecurity strategy policy in January 2020. The most important requirement for cybersecurity is increased effective coordination between ministries that are overseeing various aspects of national security, including critical infrastructure protection and public-private partnerships, national cybersecurity coordinator on cyber policies Rajesh Pant had said in 2019.
According to a report by Mumbai-based cybersecurity firm Sequretek, India has seen a 4000% spike in phishing emails and a 400% uptake in the number of policy violations in 2020. Another survey by Barracuda Networks revealed that 66% of Indian organisations have had at least one data breach or cybersecurity incident since shifting to a remote working model during the pandemic.
Meanwhile, a report by IBM’s ‘Cost of a Data Breach Report 2020’ states that Indian companies witnessed an average $2 Mn total cost of a data breach in 2020, representing an increase of 9.4% from 2019.
Some of the prominent startups to have suffered data breaches in 2020 were BigBasket, Juspay, Unacademy, Zee5, LimeRoad, ImpactGuru and others. Besides this, data of Prime Minister Narendra Modi’s website, narendramodi.in, was also leaked in September 2020.