According to report, 2023 marked registration of complex cyber-dependent crimes with national security implications. E.g. Malware attack in a ministry, Data breaches and a massive DDOS attack on critical Infrastructure and airport.
- DDOS stands for distributed denial-of-service, a malicious attempt disrupting normal traffic and making website unavailable to legitimate users.
Critical Information Infrastructure (CII):
- Definition: Section 70 of IT Act 2000 defines CII as a computer resource, incapacitation or destruction of which, shall have debilitating impact on national security, economy, public health or safety.
- E.g. Banking, Transportation systems, Water supply, Mobile networks, Defense etc.
Previous cases of Cyber-attacks on CII:
- AIIMS ransomware attack (2023), Kudankulum Nuclear Power Plant cyberattack (2019), ICMR Data breach(2023) etc.
- Apart from this an Overall surge in Cyber-attacks has been observed in India e.g. India reported ~1.6 million security incidents in 2023 compared to ~53,000 in 2017 (CERT-IN).
Key Reasons behind Vulnerability of India’s Critical Infrastructure:
- Budget constraints, relying on third parties, difficulties in continuous monitoring and real-time threat detection, lack of specialized cyber security personnel.
Steps taken for Protection of CII
|
