In today’s world of technological advancements, digitalization has become an innate need for every sector – be it the corporate or the defense or the commercial, etc. However, as was said in Spiderman – with great power comes great responsibility.
With the introduction of the metaverse and virtual reality and myriads of other digital facilities, people keep forgetting the downside of it. There are always two sides to the same coin. Nobody gives as much attention to securing the cyber network as they give to buying and selling stocks in the highly addictive metaverse.
As a result of this lack of security, India has been prone to cyber-attacks for quite some time now.
Cyber Attacks On India
According to the National Crimes Record Bureau, India registered 136 cybercrime cases in 2020 almost every day.
According to a cybersecurity firm known as Acronis, 1 in 2 Indian companies faced cyber-attacks at least once a day amid the pandemic, with 16% attacked each hour.
Razorpay
The first company that faced the brunt of these attackers was Razorpay which is an online payment gateway.
Razorpay stated that the hackers stole 7.3 crore rupees worth of funds in 831 transactions over a period of 3 months. Innumerable media reports suggest that an unauthorized actor(s) with malicious intent manipulated the authorization process of the gateway to authenticate these transactions.
Juspay
The next attack was on Juspay in 2021. Juspay is an Indian startup that handles payments for online marketplaces such as Amazon, Flipkart, Jiomart, etc. Juspay identified unauthorized activity on August 18, 2020. The company was alerted in the early hours of the morning.
According to the investigation, threat actors used an unrecycled, old Amazon Web Services access key to access the server. As a result of which, there was a data breach and the data of over 100 million client customers including those of Amazon, Flipkart, Airtel, and Jiomart was leaked and sold on the dark web for bitcoins worth 6000 dollars.
Oil India Ltd.
Between October 2021 and April 2022, the government-owned oil and gas extraction company Oil India Ltd. reported cases of cyberattacks. It also found a ransom note on one of the infected computers demanding 75 million dollars which loosely translates to 58 crore rupees.
Air India
The 2021 Air India cyberattack was a cyberattack that affected more than 4.5 million customers of Air India airlines. The attack was made directly on Air India’s passenger service system provider SITA in February 2021. Frequent flyer data and credit card data were affected due to the breach.
SITA is an information technology and communications company and is the data processor of Air India’s passenger service system. While the SITA cyber attack was first discovered at the end of February, Air India said it only understood the severity of the cyber attack last month.
MobiKwik
MobiKwik is an Indian payment service provider founded in 2009 that provides a mobile phone-based payment system and digital wallet. According to reports, the data of nearly 10 crore users was on sale on a hacker forum on the dark web in early 2021.
The data included highly sensitive information such as KYC details for many of the users, Aadhar Cards, signatures, etc. It is the biggest data leak in Indian history. The name of the hacker group was revealed to be ‘Jordan Daven.’
These are only to name a few of the biggest cyber breaches. Apart from these, in May 2021, data related to 18 crore orders of Domino’s was made public on the internet. In March 2021, Indian IT company Tech Mahindra which manages the “smart city project” faced a ransomware attack that resulted in a loss of an estimated 5 crore rupees.
So the question arises, why is India so vulnerable in terms of a data breach?
Read More: Pune Based Startup Launches Device To Prevent Cyber Attacks
Why Is India So Prone To Cyber Attacks?
According to Chief Information Security Officer – Prasad T of InstaSafe which is a software company,
“Driven by COVID restrictions, most organizations have moved to the cloud today, while individual use of the internet has also increased exponentially. And given the somewhat fragmented cybersecurity regulations that govern the Indian cyberspace, there is a dire need for a defined set of guidelines that can help build a robust security strategy.
With the advent of organizations like CERT-In and DSCI, cybersecurity awareness has reached new heights, but there are still miles to go before India can be classified as a country with a robust cybersecurity posture.”
The Indian cyber security does not follow concrete rules and regulations and does not have strict monitoring as compared to countries like USA and Europe thereby making them vulnerable to the loopholes in their digital space. Hence, making it accessible to hackers.
The COO of Asia Pacific, 1 Kosmos Siddharth Gandhi stated,
“When customers/employees start accessing enterprise resources from unsecured networks or personal devices, it puts the entire network at risk. In most cases, the point of entry/access is the target and once credentials are stolen, the chances of protecting the data are very low as the intent of cyberattack may vary from espionage, stealing IP or just ransomware.”
India needs to build a stronger asset inventory that compels security teams to make an all-around view of who is accessing what and perform regular audits of these assets to ensure there are no scopes for vulnerabilities.
To conclude, the only way India can protect itself from cyber phishing and cyber-attacks is by taking a page out of the books of the US Department of Defense.
Disclaimer: This article is fact-checked.
Image Sources: Google Images
Sources: India Times, NDTV, The Economic Times
Find the Blogger: @Rishita51265603
This post is tagged under cyber attack, cyber attack on India, MobiKwik, Juspay, Razorpay, Oil India Ltd., Air India, ransomeware
Disclaimer: We do not hold any right, copyright over any of the images used, these have been taken from Google. In case of credits or removal, the owner may kindly mail us.
More Recommendations:
Famous Cyber Attacker Anonymous’ Identity Revealed; Their End Game Matches Their Attack On Russia