Ransomware attack hit key defence unit last year: DoPT

Sub: Sci

Sec: Awareness in IT and Computers

Context:

Recently, the 2023-24 annual report of the Department of Personnel Training (DoPT) was published.

Details of the report:

The report mentions that in 2023, the Central Bureau of Investigation (CBI) investigated several complex cybercrimes with national security implications, including:
- Ransomware attack on a crucial defence unit.
- Data breach impacting millions of Indian users.
- Malware attack in a government ministry.
- A massive DDOS (Distributed Denial of Service) attack targeting critical infrastructure and airports in India.
The CBI collaborated with international law enforcement agencies like the FBI, RCMP (Royal Canadian Mounted Police), and Singapore Police to tackle global cyber fraud.
Crypto frauds have gained prominence, with scams involving large sums of money being unearthed.

Surge in cybercrimes:

According to the Indian Computer Emergency Response Team (CERT-In), 15,92,917 security incidents were reported in 2023, a significant increase from 53,117 incidents in 2017.
These incidents included website intrusions, malware propagation, phishing, DDOS attacks, and data breaches.

ICMR Data Leak:

In October 2023, Resecurity, an American cybersecurity and intelligence agency, issued an alert about a data leak at the Indian Council of Medical Research (ICMR), which exposed sensitive information like Aadhaar and phone numbers of 81 crore Indians addresses.

Key terms:

Ransomware is malicious software that encrypts a victim’s files, making them inaccessible until the victim pays the attacker a ransom.
Denial of Service (DoS) refers to a type of cyberattack aimed at disrupting the normal functioning of a computer system, network, or service by overwhelming it with traffic, making it unavailable to legitimate users. The primary goal is to deny access to the service, causing a temporary outage or system crash.
Malware (short for malicious software) refers to any software intentionally designed to cause damage, disrupt, or gain unauthorized access to computer systems, networks, or devices.
A website intrusion refers to unauthorized access or attack on a website with the intent to exploit vulnerabilities, steal data, deface the site, or cause disruptions to the website’s functionality.
Phishing is a type of cyberattack in which attackers attempt to deceive individuals into divulging sensitive personal information, such as login credentials, credit card numbers, or financial details. Phishing is typically executed through fraudulent emails, messages, or websites that impersonate legitimate organizations or individuals.