Central and state governments are doing a good job at thwarting the hacking of their websites - as per data shared with the Parliament on Wednesday. The numbers of hacking incidents have fallen every year since 2016.
In a response to a question in the Lok Sabha, Minister for Electronics and Information Technology Ravi Shankar Prasad said that as per the information reported to and tracked by Indian Computer Emergency Response Team (CERT-In), about 48 websites were hacked in 2019 until October. This compares to 110 in 2018, 172 in 2017, and 199 in 2016. These numbers include the websites of central ministries or departments as well as state governments.
The government, the minister hinted, is taking a proactive approach to cyber crimes. He said that all the government websites and applications are audited from a cyber security perspective before they are hosted. The auditing of the websites and applications are conducted on a regular basis even after they are hosted. "Government has empanelled 90 security auditing organisations to support and audit implementation of Information Security Best Practices. The government has formulated Crisis Management Plan for countering cyber attacks and cyber terrorism for implementation by all ministries/ departments of central government, state governments and their organisations and critical sectors," he added.
The minister informed that cyber security mock drills are being conducted regularly to enable assessment of cyber security preparedness of organisations in the government and in critical sectors. About 44 drills have thus far been conducted by CERT-In - 265 organisations from the states and sectors such as Finance, Defence, Power, Telecom, Transport, Energy, Space, IT/ITeS, participated, the minister informed.
Private security reports, meanwhile, have been warning of a higher number of targeted ransomware or malware attacks in 2020 - attacks that deny access to computer files or data until ransom is paid. China's Belt and Road Initiative (BRI) could drive cyber espionage across many regions in the world in 2020, a report by security firm FireEye warned.
The report, 'The road ahead: Cyber security in 2020 and beyond', stated that recent cyber espionage activities related to the BRI have targeted many governments, transportation, energy, defense, space, media and telecommunications sectors. "Simultaneously, we have seen Chinese espionage activity evolve to be more deliberate and covert amid a restructuring of the country's intelligence apparatus," the report added. BRI aims to boost Chinese connectivity with the world.
Besides BRI, other geopolitical tensions could also drive espionage. "Geopolitical tensions are, regardless of the inciting issue, often a significant driver of intrusions and disruptive attacks. Currently, we are seeing Western tensions with Iran accelerate the tempo of Iranian cyber operations," the report stated. "We have seen activity from several Iranian groups including APT33, APT34, and TEMP.Zagros-against financial services, media and entertainment, retail and other sectors," it added.