Cyber Attacks: India the Third Most Cyber-Attacked Nation

The digital world has made our life easier and faster. Nowadays, anything is possible with just a click or a touch. It wouldn't be wrong to say, that our life revolves around the internet. Every business, organisations, and companies are on the internet. However, with the increase in the use of the internet in the world, we have seen a drastic increase in cybercrime as well. Many organisations and faced cyber-attacks on them.

Firstly we need to understand what a cyber-attack is. A cyber-attack can be defined as a malicious activity or planned attempt by any organization or an individual to steal or corrupt the information of the system of another organization or individual. Cybercriminals or hackers generally use various methods to attack the system; some of them are malware, ransomware, phishing, denial of service, and other methods. In this article, we will talk everything about India being the third most cyber-attacked nation and what steps the Government has taken. So, let's take a look at them.

Types of Cyber Attacks
Reasons Behind Cyber Attacks
Biggest Cyber Attacks in India
Steps Taken by Indian Government

Types of Cyber Attacks

Cyber attacks are done in many forms by criminals and hackers and some of them are defined below:

Malware

Malware can be known as malicious software, which includes spyware, viruses, worms, and ransomware. Malware violates laws and launches a network through a vulnerability, generally happens when a person clicks on a minacious link or email attachment that then installs the risky software into your system without your permission. Once this software attacks your system, the malicious software can manage to do things such as install some more malicious and additional harmful software, can obtain and spy on all the information present on the hard disk, can disrupt some components of the system, and can block your access to manage some important components of a computer network.

Phishing

It is a cyber-crime in which a target receives an Email, telephonic call, or a text SMS by someone who pretends to be a lawful organization or institute to lure the targets into providing essential data and sensitive information such as banking details, credit cards, and debit card details, personal information, and various account passwords. Then these details are used by the attacker to access the information-which can further result in financial loss, cyberbullying, cyber blackmailing, and identity theft.

Man-In-The-Middle Attack

This cyber-attack is also known as eavesdropping, takes place when attackers insert themselves in between transactions of two-party. Once the attacker interrupts the traffic, they can rectify and steal information. On less secure public Wi-Fi, attackers can indulge themselves between a visitor device and the network through the same Wi-Fi connection. Without having an idea, the user passes all information through the attacker- after the malware reaches inside the device, the attacker can install malicious software to steal all of the victim's data.

Denial-Of-Service Attack

DoS is a cyber-attack that is meant to shut down a server, network, and machine by making them inaccessible to the right users. DoS floods the target with traffic, or it just sends irrelevant information that triggers a crash of the server or network.  Sometimes attackers can also use multiple compromised devices to attack. This is known as Denial-of-service (DoS).

SQL Injection

Structured Query Language Injection is a cyber-attack that takes place when the attackers insert the malicious coding inside the server that takes over the SQL and forces the system server to disclose the crucial information and data. SQL Injection destroys the database, and the attacker can modify or delete the data stored in the database, causing persistent changes to the application behavior or content.

DNS Tunneling

It is the most damaging DNS attack. Domain Name Systems turns into a hacking weapon. DNS tunneling is a cyber-attack where the hacker or attacker encodes the information of other protocols or programs in DNS queries and responses. DNS tunnelling generally holds data payloads-which can be added to an attacked DNS server and is used to control applications and remote servers.

Reasons Behind Cyber Attacks

There are several reasons why these cyber attacks take place and they are:

• To gain business financial details.
• To gain customer financial information (for example- Bank details).
• To gain product design or trade secrets.
• To gain login credentials and email addresses of various customers or staff.
• To gain or steal sensitive personal information.
• To make a social or political point.
• To destroy a business competitor.
• For financial gains.
• Cyber-warfare: It is a war caused by the Internet to leak information.

Biggest Cyber Attacks in India

SIM Swap Scam

In Mumbai, two hackers were arrested for transferring almost 4 crore rupees from various bank accounts in August 2018. They illegally transferred money from the bank accounts of numerous individuals just by gaining SIM card information. Both the hackers blocked individual SIM cards, and with the support of fake documentation, they pulled out transactions with the help of online banking. Various company accounts were also on the target.

Hacking of Indian Healthcare Websites

In 2019, Health Care websites became the target of cyber-attack. As confirmed by US-based cybersecurity firms, hackers broke in and invaded a leading India-based healthcare website. The hackers were able to steal the information of about 68 lakh patients as well as doctors.

Hacking of UIDAI Aadhaar Software

In 2018, around 1.1 billion Aadhaar cardholders' personal information was breached. According to data by UIDAI, more than 210 websites leaked the essential Aadhar details online. Data leaked included Aadhaar, mobile numbers, PAN, bank account numbers, IFSC codes, and mostly all the personal data of all individual Aadhaar cardholders. If it was not quite shocking, some anonymous hacker was selling the Aadhaar information of individuals for 500 rupees through WhatsApp.

ATM System Hacked

In 2018, cyber attackers targeted the ATM servers of Canara Bank. Almost around 20 lakh rupees were stolen from various accounts of Canara Bank account holders. There were around 50 targets estimated according to information provided by the source. The cyber attackers were able to steal the ATM details of around more than 300 account holders. Hackers were using skimmed devices to wipe out the information from debit cardholders. The transactions made by hackers from various accounts amounted from 10,000 rupees to a maximum amount of 40,000 rupees.

Cosmos Bank Cyber Attack in Pune

Attacked by hackers in the year 2018. The cyber-attackers pulled off almost 94.42 crore rupees from Cosmos Cooperative Bank, which shook the entire banking sector of India. Hackers were able to steal huge amounts by hacking the ATM server of the Bank and gathering the information of debit cardholders and visa details. Hackers from around 28 countries immediately withdrew all the money as soon as they were informed.

Steps Taken by Indian Government

To counter these attacks, the Government of India has taken a few steps to secure companies and organisation from being victim.

Personal Data Protection Bill

The bill implies the processing and storage of any critical data related to individuals living only in India. It majorly states that the sensitive and essential personal information of the individual should be stored locally; however, it can only be processed abroad under some terms and conditions. The bill also focuses on making social media companies more accountable and urging them to solve issues related to the spread of irrelevant and offensive content on the internet.

Website Audit

Surrounded by the rising number of government website hacking, data theft, email phishing, and privacy breach cases in India, the Indian government has taken initiatives to conduct an audit on all of the websites and applications of the government. Under this initiative by the Indian government, around 90 security auditing organizations have been enlisted by the government for auditing the best practices of information security of the Indian government data.

CERT-In

The advancing Indian Computer Emergency Response Team (CERT-In), which is responsible for operating the national agency for handling cybersecurity, has helped in decreasing the rate of cyber-attacks on government networks and servers in India. The implementation of cybersecurity awareness and anti-phishing training across Indian government organizations and agencies has assisted employees working in technological department of government sectors in fighting cybercrimes. Apart from spreading awareness of the hazard caused by phishing attacks to the public, CERT-In has issued advisories and alerts regarding the latest cyber countermeasures and vulnerabilities to counter and tackle them.

Cyber Surakshit Bharat

India aims to strengthen the cybersecurity ecosystem in coordination with the government's vision for making Digital India. The Ministry of Electronics and Information Technology has come up with the Cyber Surakshit Bharat movement. This program is in association with the National e-Governance Division of India. Indian governance system has transformed digitalization rapidly; therefore, the requirement of good governance is important. With such an initiative by the government, there would be an increase in awareness against cybercrime and building the capacity for securing the CISOs and the frontline IT staff across all government organizations in India. Apart from just awareness, the first public-private partnership also includes a series of some workshops to make government employees fight against cybercrimes and help professionals with cyber security health tool kits to take down cyber threats.

Conclusion

Cyber-attacks have now become a weapon to launch attacks on different organisations. Mainly they are done to attain secrets of organisations or Governments. Unfortunately, because of this India has become prone to cyber-attack and in 2020, it recorded 1.16 million breaches alone. Some steps have been taken to counter these attacks, however more and more strong cyber security is needed.

FAQs

Which countries get cyber attacked the most?

Top 3 countries that cyber attacked the most are:

• Japan
• Australia
• India

What do you mean by Cyber Attacks?

A cyber-attack can be defined as a malicious activity or planned attempt by any organization or an individual to steal or corrupt the information of the system of another organization or individual.

Which country is the best for cybersecurity?

Sweden has suffered the lowest rate of malware infection. It is considered as one of the best country with cybersecurity.