news details |
|
|
| Govt Deptts face 6 lakh cyber-attacks in 5 years | | | Early Times Report
Jammu, Dec 6: In a significant revelation, government departments, including vital defence units, have faced nearly six lakh cyber attacks over the past five years. Sharing details in the Rajya Sabha, Minister of State for Electronics and Information Technology, Jitin Prasada, highlighted the alarming rise in these attacks, especially in recent years.
According to the minister, a staggering 5,85,669 cyber attacks were reported in various government entities, with a marked increase in the last couple of years.
Sharing details in the Rajya Sabha Minister of State for Electronics and Information Technology, Jitin Prasada on Friday informed that 5,85,669 cyber attacks were reported in many government entities and departments including defence units during the last five years.
Sharing year-wise details, the Minister said that as per the information reported to and tracked by the Indian Computer Emergency Response
Team (CERT-In), in 2019, 85797 were reported. The number of attacks was 54314 in 2020. In 2021 48285 attacks were experienced and thus number jumped to 1,92,439 in 2022. In 2023 2,04,844 cyber attacks were reported.
This data underscores a significant spike in cyber threats, with the number of attacks more than doubling from 2021 to 2022, and continuing to rise in 2023.
Minister Jitin Prasada assured the Rajya Sabha that the government's policies aim to ensure an open, safe, trusted, and accountable internet for all users. He emphasized that CERT-In is the designated national agency for responding to cybersecurity incidents, as per section 70B of the Information Technology Act, 2000.
To address the growing challenge of cybersecurity threats, the government has implemented several strategic measures:
Chief Information Security Officers (CISOs): All Central Ministries/Departments and States/UTs have been directed to appoint CISOs to handle cybersecurity matters.
National Critical Information Infrastructure Protection Centre (NCIIPC): Established under section 70A of the IT Act, 2000, NCIIPC protects the nation's critical information infrastructure. It provides threat intelligence, situational awareness, alerts, advisories, and information on vulnerabilities to organizations.
National Cyber Coordination Centre (NCCC): Implemented The data furnished by the government underscores a significant spike in cyber threats.
The cyber attacks doubled from 2021 to 2022, and continued to rise in 2023.
The CERT-In is the designated national agency for responding to cybersecurity incidents.
To address the growing challenge of cybersecurity threats, the government has implemented several strategic measures.
Cyber Crisis Management Plan: CERT-In has formulated this plan to counter cyber attacks and cyber terrorism, which is implemented by all Ministries/Departments and critical sectors.
Cyber Swachhta Kendra (CSK): This citizen-centric service extends the vision of Swachh Bharat to cyberspace. It provides tools to detect and remove malicious programs and offers cybersecurity tips and best practices.
CERT-In continuously issues guidelines and advisories to enhance cybersecurity across government entities:
Cyber Security Directions (April 2022): Guidelines on information security practices, response, and reporting of cyber incidents.
Information Security Practices (June 2023): Covers domains such as data security, network security, identity and access management, and more.
Guidelines for Secure Application Design (September 2023): Detailed guidelines for secure software development and operations.
Software Bill of Materials (SBOM) Guidelines (October 2024): Helps organizations identify and fix software vulnerabilities.
In November 2023, CERT-In issued an advisory to various ministries to strengthen the cybersecurity of entities processing digital personal data. The advisory emphasizes measures for data protection and prevention of cyber threats.
CERT-In also operates an automated cyber threat intelligence exchange platform to proactively collect, analyze, and share tailored alerts with organizations. This helps in the proactive mitigation of cyber threats.
CERT-In coordinates incident response measures with international CERTs, service providers, and Law Enforcement Agencies (LEAs). Regular cybersecurity mock drills are conducted to assess and enhance the resilience of government and critical sector organizations.
The National Informatics Centre (NIC) provides IT support to various government entities, ensuring robust information security policies and practices. These efforts aim to prevent cyber attacks and safeguard sensitive data.
The comprehensive measures taken by the government highlight its commitment to enhancing cybersecurity and protecting the nation's critical infrastructure from escalating cyber threats. |
|
|
|
|
|
|
|
|
|
|
|
|
| |
| |
|
|
|
|
 |
|
|
