Cybersecurity Alert and Measures in India
The Indian government is on high alert due to potential cyberwarfare against its digital resources. Despite de-escalated tensions with Pakistan, vigilance against international ransomware groups and state-backed threat actors remains crucial. The Ministry of Electronics and Information Technology (MeitY) is actively engaging with software firms, cybersecurity experts, and industry groups to bolster defenses.
Government Initiatives
- Issuance of new cybersecurity compliance guidelines to industry stakeholders.
- Mandatory reporting of all cyber incidents, along with a structured compliance audit.
- Emphasis on rapid detection and restoration in case of cyberattacks, and preservation of incident logs for third-party audits.
Rise in Cyberattacks
Following Operation Sindoor, more than one million cybersecurity incidents were reported within 10 days, involving state-sponsored actors like APT36. Advanced spear-phishing campaigns with malware such as CrimsonRAT and MeshAgent were noted.
CERT-In Advisory
The Indian Computer Emergency Response Team (CERT-In) has updated its advisories for large data fiduciaries and MSMEs, focusing on enhanced cyber defense mechanisms.
Recommendations for Large Data Fiduciaries
- Strengthen authentication and access controls.
- Regularly update systems with the latest software and security protocols.
- Continuous scans for vulnerable ports.
- Monitor third-party/vendor software for unauthorized updates.
- Use encryption and implement advanced data loss prevention (DLP) solutions.
Recommendations for MSMEs
- Use strong, alphanumeric passwords and anti-virus/anti-malware tools.
- Conduct regular cybersecurity training for employees.
- Maintain regular offline backups of critical data.
- Implement a zero-trust architecture with multi-layer verification.
Critical National Infrastructure
Critical sectors like energy, telecom, and financial services must be particularly vigilant against sophisticated attacks and data breaches. Implementing robust technical controls, enhancing employee cyber hygiene, and sharing threat intelligence are essential measures.