During his address at the 17th India Digital Summit on 20-21 February 2023, Bharat’s National Cyber Security Coordinator (NCSC) Lt Gen (Dr) Rajesh Pant (Retd), said that “companies should invest more than 10 per cent of Information Technology (IT) assets in cyber security. In the future, once 5G comes, we expect the five billion internet users to reach 25 billion by the end of 2023, and therefore, companies must invest in security and never compromise on the security part”.
“The World Economic Forum (WEF) has been saying that cyber crime is the biggest manmade risk to the economic progress of a nation. Last year, the total loss was estimated to be USD 6 trillion,” said Lt Gen (Dr) Pant.[1]
In reply to a question raised in Rajya Sabha (the Upper House of Parliament) on 10 February 2023, the Minister of State (MoS) for Electronics and Information Technology (E&IT)— Rajeev Chandrasekhar, informed that Bharat (India) witnessed 13.91 lakh cyber security incidents in 2022. However, incidents declined in 2022, down from 14.02 lakh in 2021. According to the available data[2], the following counts of cyber incidents were recorded in respective years:
Informing about the AIIMS cyber incident in November 2022, the minister said that “as per the analysis, servers in the IT network of AIIMS were compromised by unknown threat actors due to improper network segmentation, which caused operational disruption due to the non-functionality of critical applications. Bharat’s Computer Emergency Response Team (CERT-In) and other stakeholder entities advised necessary remedial measures.” Further replying to the question, the minister informed the parliament that a draft of the National Cyber Security Strategy (NCSS) had been formulated by the National Security Council Secretariat (NSCS). The NCSS would address various issues related to the security of Bharat’s cyberspace.[3]
An indigenous Artificial Intelligence/Machine Learning (AI/ML) based security mechanism has been successfully roll-out for Aadhaar-based finger authentication. The mechanism uses a combination of finger minutia and finger image to verify the liveness of the fingerprint captured. This will be significant in segments including banking and financial, telecom, and government sectors. It will also strengthen the Aadhaar-based payment system and control malicious attempts by criminal elements.
The adoption of Aadhaar-based authentication transactions has been increasing as it has proven to be a facilitator in providing various welfare benefits and services.By the end of December 2022, the total number of Aadhaar authentication transactions had surpassed 88.29 billion, with an average of 70 million daily transactions. Most are fingerprint-based authentications, indicating their popularity and utility in everyday life.[4]
On 06 February 2023, the Comptroller and Auditor General (CAG) of India— Girish Chandra Murmu, addressed the 06th meeting of the Heads of Supreme Audit Institutes (SAIs) of the Shanghai Cooperation Organisation (SCO) held in Lucknow, Uttar Pradesh, and called upon the SCO’s member states to cooperation in combating cyber security threats in auditing. “The digitisation of government operations and adoption of advanced emerging technologies had brought new challenges and responsibilities for protection against artificial intelligence-powered advanced malware,” said CAG Murmu.
Bharat uses Artificial Intelligence (AI) techniques to identify a specific, focused set of sample units for in-person audit. To extract insights from the information gathered from the audited entities, Bharat is also using AI techniques. During the audit planning stage, the risk areas of interest discovered through artificial intelligence technologies are used to identify objectives and develop an audit design matrix.It enables a more focussed and effective auditing methodology.[5]
On 27 February 2023, the Permanent Representative of Albania to the Council of Europe— Ambassador Dastid Koreshi, signed the 2nd Additional Protocol to the Convention on Cybercrime on enhanced cooperation and disclosure of electronic evidence. Initially, the Additional Protocol was opened for signature on 12 May 2022 within the framework of an international conference in Strasbourg, France.
The instrument offers innovative tools, such as direct requests to registrars in other jurisdictions to obtain domain name registration information, direct cooperation with service providers in other jurisdictions to obtain subscriber information, more effective means of securing subscriber information and traffic data through government-to-government collaboration, expeditious cooperation in emergencies, joint investigation teams and joint investigations, video conferencing.[6]
In mid-February 2023, the United States Marshal Service (USMS) had a security breach which compromised sensitive information. In a statement released on 27 February, the USMS spokesperson— Drew Wade, informed that “the affected system contained law enforcement sensitive information, including returns from legal process, administrative information, and personally identifiable information pertaining to subjects to USMS investigations, third-parties, and certain USMS employees.” Wade confirmed that the incident occurred on 17 February, when the USMS found a ransomware and data exfiltration event affecting a stand-alone USMS system.
According to a senior law enforcement official, the breach did not involve the Witness Security Program (WSP) database, and no one in the WSP is in danger because of the data breach.[7]
On 05 February 2023, Hackers intruded into the internal business systems of Reddit and stole internal documents, including source code. As a modus operandi, hackers deployed a phishing method targeting Reddit employees with a landing page impersonating its intranet site. The attempt was to steal employees’ credentials and two-factor authentication tokens. “After successfully obtaining a single employee’s credentials, the attacker accessed some internal docs, code, internal dashboards and business systems. There are no indications of a breach of Reddit’s primary production systems, including the stack that ‘runs’ Reddit and stores the majority of data,” read the security incident notice of Reddit.
After investigating the incident, Reddit informed that the stolen data included limited contact information for company contacts and current and former employees.[8]
On 26 February 2023, Denmark’s nine hospitals suffered a cyber-attack following Distributed-Denial of Service (DDoS) from a group called “Anonymous Sudan”. The Health authorities of Copenhagen tweeted that despite the websites being down due to the attack, the medical care facilities were unaffected. After a couple of hours, the websites were back “online”.[9]
On its Telegram channel, Anonymous Sudan claimed the attacks were due to Quran burnings. The Quran burning was a reference to an incident in Stockholm where the Quran was set alight in front of the Turkish embassy by Rasmus Paludan— a dual Danish-Swedish national.[10]
[1]MTI News Desk. “Firms should invest over 10% of IT assets in cyber security: National Cyber Security Coordinator Lt Gen (Retd) Dr Rajesh Pant”, MTI News, 20 February 2023, accessed on 15 March 2023. Available from: https://mtinews.in/firms-should-invest-over-10-of-it-assets-in-cyber-security-national-cyber-security-coordinator-lt-gen-retd-dr-rajesh-pant/
[2] “Cyber Security Attacks— Unstarred Question no. 1043”, Rajya Sabha, 10 February 2023, accessed on 16 March 2023, available from: https://pqars.nic.in/annex/259/AU1043.pdf
[3]Thathoo, Chetan. “India witnessed 13.9 lakh cyber security incidents in 2022: Govt”, Inc42, 11 February 2023, accessed on 16 March 2023, available from: https://inc42.com/buzz/india-witnessed-13-9-lakh-cybersecurity-incidents-in-2022-govt/
[4]Press Information Bureau. “UIDAI rolls out new security mechanism for robust fingerprint based Aadhaar authentication”, Ministry of Electronics and IT, 27 February 2023, accessed on 16 March 2023, available from: https://pib.gov.in/PressReleasePage.aspx?PRID=1902822
[5]Singh, Rajesh Kumar. “CAG calls for global cooperation to combat cyber security threats in auditing”, Hindustan Times, 07 February 2023, accessed on 17 March 2023, available from: https://www.hindustantimes.com/cities/lucknow-news/cag-calls-for-global-cooperation-to-combat-cyber-security-threats-in-auditing-101675705515537.html
[6] “Albania becomes 36th State to sign the Second Additional Protocol to Convention on Cybercrime”, Council of Europe, 27 February 2023, accessed on 14 March 2023, available from: https://www.coe.int/en/web/cybercrime/-/albania-becomes-36th-state-to-sign-the-second-additional-protocol-to-convention-on-cybercrime
[7]Blankstein, Andrew, Michael Kosnar et. al. “US Marshal Service suffers ‘major’ security breach that compromises sensitive information, senior law enforcement officials say”, NBC News, 28 February 2023, accessed on 14 March 2023, available from: https://www.nbcnews.com/politics/politics-news/major-us-marshals-service-hack-compromises-sensitive-info-rcna72581
[8]Sosa Keyser. “We had a security incident. Here’s what we know”, Reddit, 05 February 2023, accessed on 14 March 2023, available from:
https://www.reddit.com/r/reddit/comments/10y427y/we_had_a_security_incident_heres_what_we_know/
[9]Region Hovedstaden (@RegionH). “Tweet”, 26 February 2023, 09:22 PM, available from: https://twitter.com/RegionH/status/1629872125212344325
[10]Martin, Alexander. “Danish hospitals hit by cyberattack from ‘Anonymous Sudan’”, The Record, 27 February 2023, accessed on 15 March 2023, available from: https://therecord.media/danish-hospitals-hit-by-cyberattack-from-anonymous-sudan