By Nishant Arora
New Delhi, Dec 6 (IANS): As cyber attacks surge in India, especially in the digital payments and healthcare sectors, the Computer Emergency Response Team (CERT-In) at the Ministry of Electronics and Information Technology (MeitY) is leaving no stone unturned in understanding and mitigating the constantly evolving threat landscape prevailing in the country.
The year 2020 saw several UPI-related frauds, and several banks issued advisories alerting users about the same. Ransomware-related cyber attacks on Indian enterprises have increased manifold this year, and the country today is the second-most targeted country for ransomware (after the US) across the world.
According to Dr Sanjay Bahl, Director-General, CERT-In, they have seen a different set of attacks during the pandemic, and the threat actors primarily employed references related to COVID-19 in phishing attacks to steal sensitive information and drop additional malware.
"The threat actors devised new strategies to target victims with scams or malware campaigns using legitimate corporate branding in the name of COVID-19 and names of trusted organisations in phishing attacks in order to attain credibility and to lure victims," Bahl told IANS.
The hackers lured their victims in the country to open attachments, promotional and discount codes, and delivered trojans via Android apps.
"Ransomware attacks also evolved with new attack vectors and data stealing," he added.
Bahl said that CERT-In has taken necessary measures to curb these kinds of attacks by issuing timely alerts and advisories along with technical information to prevent the attacks, best practices and recommendations to its constituency users and organisations.
In addition to players like Paytm and Google Pay, the crowded Indian digital payments market will now be joined by WhatsApp which recently got approval to start its payments service in a graded manner.
India has also been digitising its healthcare sector, and researchers have predicted that this sector will see a rise in cyber attacks during 2021.
There has been a massive surge in cyber attacks against Indian vaccine makers and hospitals in the months of October and December.
According to the latest research by New Delhi-based think tank CyberPeace Foundation, nearly 80 lakh attacks were recorded between October 1 and November 25 on the healthcare sector-based 'Threat Intelligence Sensors' network specifically simulated in India.
Earlier this year, Greenbone Sustainable Resilience, a German cybersecurity firm, reported that medical details of over 120 million Indian patients had been leaked and made freely available on the Internet.
Recently, Dr Reddy's Laboratories also confirmed a ransomware attack. A week after this incident, another Indian pharmaceutical company, Lupin, confirmed an information security incident that has affected multiple internal systems.
According to Genie Gan, Head of Public Affairs for Asia Pacific, Kaspersky, they have witnessed ransomware becoming a great threat to municipalities all around the world in 2019.
"The trend is seen to continue and grow even in 2021. Other than targeted ransomware attacks, government bodies and institutions globally have been targeted by state-sponsored cybercriminal groups," Gan told IANS.
"As the number of attacks in the Covid-19 era drastically increased globally as well as in India, it seemed a natural next step for us and CERT-In to outline certain areas of future cooperation between both the parties to increase cybersecurity awareness and preparedness in the country," she added.
CERT-In is currently working closely with Kaspersky to keep users aware of new threats, issuing timely alerts on various attack campaigns and updates on trojans and malware targeting Indian users and organisations, as well as on ransomware and zero-day attacks.
"This threat intelligence helps us in taking necessary proactive measures and enhancing awareness about the cyber ecosystem among the growing Indian online users," Bahl noted.
Critical infrastructure such as power grids and power plants has also been a constant target for cybercriminals with the motive to cause a state of chaos in the region.
Government institutions and critical infrastructure have also seen multiple attempted zero-day attacks, which can cause great damage if the underlying vulnerabilities are not patched immediately.
"The increasing trend of creating deep fakes on politicians/leaders of various countries and circulating them on social media platforms is also becoming a major challenge for governments around the world," Gan emphasised.