New Delhi: At a time when the Indian government has been taking strong actions against China following the Galwan valley face-off, government sources informed ETV Bharat that many of the hacking incidents of Indian websites have taken place from China.
“China is one of the major origin nations from where hacking of websites including government portals takes place,” a senior official in the Ministry of Electronics and Information Technology (MeitY) stated.
As per the information reported and tracked by Indian Computer Emergency Response Team (CERT-In) a total number of 27205, 33147, 30067, 17560 and 21768 Indian websites were hacked during the year 2015, 2016, 2017, 2018 and 2019 respectively.
There have also been attempts from time to time to launch cyber attacks on Indian cyberspace. It has been observed that attackers are compromising computer systems located in different parts of the globe and use masquerading techniques and hidden servers to hide the identity of actual systems from which the attacks are being launched.
According to the logs analysed and made available to CERT-In, the Internet Protocol (IP) addresses of the computers from where the attacks appear to originate belong to various countries including Algeria, China, France, Netherlands, Pakistan, Russia, Serbia, Taiwan and Tunisia.
Read:| Beware of Phishing: 20 lakh Indians in North Korean hacker group's crosshairs
Aware of the fact, the government has taken several steps to enhance cybersecurity in India.
“For the resolution of incidents involving systems outside the country, CERT-In devises response measures in coordination with its counterpart agencies in foreign countries. The CERT-In issues alerts and advisories regarding the latest cyber threats and vulnerabilities and countermeasures to protect computers and networks regularly,” the government report said.
Government has issued guidelines for Chief Information Security Officers (CISOs) regarding their key roles and responsibilities for securing applications and infrastructure and compliance.
“All the government websites and applications are to be audited concerning cybersecurity before their hosting. The auditing of the websites and applications will be conducted regularly after hosting also. Government has empanelled 90 security auditing organisations to support and audit the implementation of Information Security Best Practices,” the report further said.
Significantly, the government has also formulated the Crisis Management Plan for countering cyber attacks and cyber terrorism for implementation by all Ministries and Departments of Central Government, State Governments and their organizations and critical sectors.
Cybersecurity mock drills are being conducted regularly to enable assessment of cybersecurity posture and preparedness of organisations in Government and critical sectors. 44 such drills have so far been conducted by CERT-In where 265 organisations from different States and sectors such as Finance, Defence, Power, Telecom, Transport, Energy, Space, IT/ITeS, etc participated.
Read:| Hike in cyber-attacks from China, over 40,000 attempts in 5 days
CERT-In conducts regular training programmes for network and system administrators and Chief Information Security Officers (CISOs) of Government and critical sector organisations regarding securing the IT infrastructure and mitigating cyber attacks.
As many as 23 trainings covering 692 participants have been conducted in 2019.
Government has also launched the Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre). The centre is providing detection of malicious programs and free tools to remove the same.
“Government has set up a National Cyber Coordination Centre (NCCC) to generate necessary situational awareness of existing and potential cybersecurity threats and enable timely information sharing for proactive, preventive and protective actions by individual entities. Phase-I of NCCC has been made operational,” the government report said.
Commenting on the matter, strategic affairs and cybersecurity expert Subimal Bhattacharya reiterated that many of such attacks are also coming from China.
“It is very essential to realize that in today’s world cybersecurity becomes a critical part of the national security. The government has to take more steps to control such kinds of attacks. Often, in the name of defacing websites, it targets critical infrastructure. By and large, this problem is not only related to or afflicting India but also across the world,” said Bhattacharya.
He said that many of such attacks have the trans-national character, for example, the attacker might be from one particular country but he is using the network of another country and targeting another third country.
Recently, CERT-In has also issued an advisory against a potential phishing attack on Covid19 related matters by Malicious Actors.
The CERT-In has said that the phishing campaign is expected to use malicious emails under the pretext of local authorities in charge of dispensing government-funded COVID-19 support initiatives.
“Such emails are designed to drive recipients towards fake websites where they are deceived into downloading malicious files or entering personal and financial information," the CERT-In said.
Read:| Email forwarders, cybercriminals' favourite way to target a corporate
