Cyber Review - January 2025
Anurag Sharma, Associate Fellow, VIF
National
MeitY organised a consultation meeting on the Draft Digital Personal Data Protection (DPDP) Rules, 2025.

On 14 January, the Ministry of Electronics and Information Technology (MeitY) organised a consultation meeting with government officials and industry representatives on the draft Digital Personal Data Protection (DPDP) Rules, 2025, offering a unique opportunity to contribute to Bharat’s data protection framework. Speaking at the event, Shri Ashwini Vaishnaw, Hon’ble Minister for Electronics and Information Technology (MeitY), Railways and Information & Broadcasting, underlined the government’s approach to the DPDP framework: “The objective that we had set for ourselves is to keep it simple, be principle-based rather than prescriptive, and let the law and rules evolve rather than casting everything in stone, trust-based approach rather than a cynical one”. The minister stressed that the DPDP Act, 2023 and the Draft Rules, 2025 must be read together to understand the framework for safeguarding personal data.[1]

Bharat and the U.S. signed an MoU on cybercrime investigations.

On 17 January, Bharat and the United States (U.S.) signed a Memorandum of Understanding (MoU) to enhance cooperation in cybercrime investigations, allowing agencies on both sides to step up collaboration and training. The MoU was signed in Washington by Bharat’s Ambassador to the U.S., Vinay Kwatra, and the acting Deputy Secretary of the U.S. Department of Homeland Security, Kristie Canegallo. “The MoU allows the respective agencies of the two countries to step up the level of cooperation and training with respect to the use of cyber threat intelligence and digital forensics in criminal investigations,” read the statement released by the Ministry of External Affairs.[2]

“Cybercrime, deepfakes pose challenges to Bharat’s security”: President Murmu.

Addressing both Houses of Parliament on 31 January, the President of Bharat, Droupadi Murmu, said that “digital fraud, cybercrime and emerging technologies such as deepfakes pose a challenge to Bharat’s social, economic, and national security. The government has taken several measures to control these cyber threats, creating opportunities for employment in the field of cybersecurity for the youth.”[3]

“Delhi cyber-frauds siphoned ₹4,900 crore cyber-crime money abroad”: reports Economic Directorate.

In a statement released on 17 January, the Economic Directorate (ED) said that two Delhi-based cyber-criminals, Puneet Kumar and Ashish Kakkar, siphoned more than ₹4,900 crore abroad by misusing Special Economic Zone (SEZ) facilities. “The federal agency took cognisance of multiple police FIRs registered across the country against people involved in crimes like online gaming fraud, multi-level marketing schemes, investment scams and fake loans disbursal frauds through mobile apps. These scams were perpetrated through various fraud websites and apps like upbitro.com (instead of original upbit.com) and a betting website www.taj777.com created by companies based in island nations like Curacao, Malta, and Cyprus,” read the statement issued by the agency.[4]

International
“Cyber-attack on DeepSeek started in the U.S.”: CCTV report

According to a report by Chinese state media outlet CCTV, the cyber-attack on DeepSeek, China’s AI start-up, started on 3 January and peaked with a massive brute-force attack originating from United States (U.S.) IP addresses. “The earlier stage of the cyber-attack contained more distributed denial-of-service (DDoS) attacks that aimed to disrupt DeepSeek’s normal service by overwhelming its servers and bandwidth with a flood of internet traffic. The more recent attacks were primarily brute-force attacks, aiming to crack user IDs and passwords in an effort to understand the operations of DeepSeek,” said CCTV, citing a report prepared by the Chinese cyber security firm QAX Technology Group.[5]

Ransomware attack disrupted a New York blood donation organisation.

On 26 January, a ransomware attack disrupted the operations of the New York Blood Center (NYBC), one of the world’s largest independent blood collection and distribution organisations. “We immediately engaged third-party cyber security experts to investigate. This investigation has confirmed that the suspicious activity is a result of a ransomware incident. We took immediate steps to help contain the threat, including taking certain systems offline. We are working diligently with these experts to restore our systems,” read a statement by NYBC. The attack came days after NYBC declared a blood emergency following a nearly 30 per cent drop in blood donations, which amounted to 6,500 fewer donations and crippled the region’s blood supply. The blood centre has yet to disclose whether the attackers stole or accessed donors’ personal and health information. No ransomware group has claimed the attack so far, but the vast majority of ransomware gangs also steal sensitive information from victims’ compromised systems before encryption and use it as leverage for extortion.[6]

Spanish police shut down two of the largest cyber-crime forums.

In an international operation, Spanish police shut down two of the world’s largest cyber-crime forums, Cracked and Nulled, which had about 10 million users between them and earned millions of dollars in profits. According to a statement released by Europol, “cyber-criminals used the sites to trade illegal goods and services, such as stolen data, malware and hacking tools. The forums also offered scripts to automatically scan victims' systems for security vulnerabilities, making cyberattacks more effective.” Nulled and Cracked, established in 2015 and 2018 respectively, each amassed approximately five million registered user accounts. Authorities have confirmed that the two websites were closely associated, both administratively and technically. According to the U.S. Department of Justice, “Cracked generated an estimated $4 million in revenue and adversely affected at least 17 million individuals in the United States (U.S.). Nulled hosted over 43 million posts related to cybercrime tools and stolen information, generating approximately $1 million in annual revenue.” The operation, carried out from 28 to 30 January, resulted in the arrest of two cybercriminals and the seizure of 17 servers, over 50 electronic devices, and approximately EUR 300,000 in cash and cryptocurrencies.[7]

U.K. officials probed the DeepSeek AI application.

British officials decided to probe the national security implications of the DeepSeek AI application, a China-made application built on the R1 model and positioned to rival ChatGPT and Google’s Gemini. Speaking to POLITICO, Britain’s Technology Secretary, Peter Kyle, said that “we scrutinise every innovation of the size and scale and impact of DeepSeek and we will make sure that it goes through the right system. We have a very mature intelligence and security apparatus in the United Kingdom. It is a very regular occurrence that new technologies, new products will emerge onto the global economy, and I just want to reassure people in Britain … the system that we have will look at this as it does at every other innovation and make sure that safety is there from the onset.” Britain’s National Cyber Security Centre (NCSC), a part of the GCHQ surveillance agency, is known to scan for future technological risks.[8]

U.S. authorities discovered a backdoor in healthcare equipment communicating with a Chinese IP address.

On 30 January, the United States (U.S.) Cybersecurity and Infrastructure Security Agency (CISA) released an alert warning that the CONTEC CMS8000 patient monitor and its OEM white-label variants contain a backdoor that communicates with a China-based IP address. An investigation by Team82, Claroty’s security research group, found the cause to be an insecure design that exposes patient-monitor users and entire hospital networks to significant risk. The vendor, and the resellers who re-label and sell the monitor, list the IP address in their manuals and instruct users to configure the Central Management System (CMS) with this address on their internal networks. The CMS server lets the patient monitor share the patient data it collects (heart rate, blood pressure, oxygen saturation, etc.) with other systems across the hospital. The vendor used a routable public IP address for this critical function handling sensitive patient information, so a misconfigured or unfiltered network could leak patient data outside the hospital.[9]
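The practical question the CMS8000 finding raises for a hospital network team is whether any medical device is configured to send data to an address outside the internal network, and whether the perimeter is actually passing such flows. The following script is an added example written for this review and is not Team82’s, CISA’s or the vendor’s code. It treats only RFC 1918, loopback and link-local space as “internal”, audits a device configuration for server addresses outside that space, and flags firewall log lines where a host in the monitor VLAN talks to a non-internal destination. The configuration key names, the log format, the monitor subnet, the port numbers and the destination address (taken from the 203.0.113.0/24 documentation range) are all constructed for the example; the real vendor address is not reproduced here.

```python
import ipaddress
import re

# Address space a patient monitor's Central Management System (CMS) target should
# fall in when it is meant to stay inside the hospital network: RFC 1918 private
# ranges plus loopback and link-local. Anything else is routable beyond the site.
INTERNAL_NETS = [
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("172.16.0.0/12"),
    ipaddress.ip_network("192.168.0.0/16"),
    ipaddress.ip_network("127.0.0.0/8"),
    ipaddress.ip_network("169.254.0.0/16"),
]


def is_internal(ip_text: str) -> bool:
    """True if the IPv4 address lies in RFC 1918, loopback or link-local space."""
    ip = ipaddress.ip_address(ip_text)
    return any(ip in net for net in INTERNAL_NETS)


# Matches "KEY=1.2.3.4" or "KEY: 1.2.3.4" lines; the key names are hypothetical.
CONFIG_IP_RE = re.compile(
    r"^\s*(?P<key>[A-Za-z0-9_.]+)\s*[=:]\s*(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\s*$"
)


def audit_config(config_text: str) -> list:
    """Return (key, ip) pairs whose value is a routable, non-internal address."""
    findings = []
    for line in config_text.splitlines():
        m = CONFIG_IP_RE.match(line)
        if not m:
            continue
        try:
            if not is_internal(m.group("ip")):
                findings.append((m.group("key"), m.group("ip")))
        except ValueError:
            # Octets like 999 pass the regex but are not a valid address; skip.
            continue
    return findings


# Matches the src/dst/dport fields of the constructed firewall log format below.
LOG_RE = re.compile(r"src=(?P<src>[\d.]+)\s+dst=(?P<dst>[\d.]+)\s+dport=(?P<dport>\d+)")


def flag_egress(log_lines, monitor_subnet: str) -> list:
    """Return (src, dst, dport) for flows from the monitor subnet to non-internal hosts."""
    subnet = ipaddress.ip_network(monitor_subnet)
    flagged = []
    for line in log_lines:
        m = LOG_RE.search(line)
        if not m:
            continue
        try:
            src = ipaddress.ip_address(m.group("src"))
            if src in subnet and not is_internal(m.group("dst")):
                flagged.append((m.group("src"), m.group("dst"), int(m.group("dport"))))
        except ValueError:
            continue
    return flagged


# Constructed sample of a monitor's network settings (hypothetical key names).
# 203.0.113.10 is a documentation-range address standing in for a vendor-listed
# public IP; it is not the address from the advisory.
SAMPLE_CONFIG = """
# constructed sample
DEVICE_IP=192.168.50.21
CMS_SERVER_IP=203.0.113.10
NTP_SERVER=10.0.0.5
"""

# Constructed firewall log lines; timestamps, hosts and ports are made up.
SAMPLE_LOGS = [
    "2025-01-30T10:00:01Z fw1 ACCEPT src=192.168.50.21 dst=10.0.0.5 dport=123",
    "2025-01-30T10:00:02Z fw1 ACCEPT src=192.168.50.21 dst=203.0.113.10 dport=5000",
    "2025-01-30T10:00:03Z fw1 ACCEPT src=192.168.10.7 dst=198.51.100.4 dport=443",
]

if __name__ == "__main__":
    for key, ip in audit_config(SAMPLE_CONFIG):
        print(f"config: {key} points at non-internal address {ip}")
    for src, dst, dport in flag_egress(SAMPLE_LOGS, "192.168.50.0/24"):
        print(f"egress: {src} -> {dst}:{dport} leaves the monitor VLAN for a non-internal host")
```

The check deliberately uses an explicit allow-list of internal ranges rather than Python’s `is_global`/`is_private` properties, because those classify the documentation and shared-address ranges as non-global too and would hide exactly the kind of “public but odd” address this case is about. On a real deployment the firewall rule that the second sample line represents should be a deny, and the audit should be run against the configuration the vendor manual tells staff to enter, not only against live traffic.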

Endnotes

[1] “MeitY organises consultation meeting of government officials and industry on the Draft Digital Personal Data Protection (DPDP) Rules, 2025”, Press Information Bureau, 14 January 2025, available from: https://pib.gov.in/PressReleasePage.aspx?PRID=2092928
[2] “India, US sign MoU on cybercrime investigations”, Hindustan Times, 18 January 2025, available from: https://www.hindustantimes.com/india-news/india-us-sign-mou-on-cybercrime-investigations-101737187039902.html
[3] PTI, “Cybercrime, deepfakes pose challenge to Bharat’s security: President Droupadi Murmu”, Economic Times, 31 January 2025, available from: https://economictimes.indiatimes.com/news/india/cyber-crime-deep-fakes-pose-challenges-to-indias-security-president-droupadi-murmu/articleshow/117778823.cms
[4] PTI, “Delhi cyberfrauds siphoned ₹4,900 crore cyber crime money abroad: ED”, Business Standard, 23 January 2025, available from: https://www.business-standard.com/india-news/delhi-cyberfrauds-siphoned-rs-4-900-cr-cyber-crime-money-abroad-ed-125012301404_1.html
[5] Zheng, William, “Cyberattack on DeepSeek, including brute-force assault, started in the US: Chinese state media”, South China Morning Post, 30 January 2025, available from: https://www.scmp.com/news/china/politics/article/3296765/cyberattack-deepseek-including-brute-force-assault-started-us-chinese-state-media
[6] Gatlan, Sergiu, “Ransomware attack disrupts New York blood donation giant”, Bleeping Computer, 30 January 2025, available from: https://www.bleepingcomputer.com/news/security/ransomware-attack-disrupts-new-york-blood-donation-giant/
[7] Antoniuk, Daryna, “Police take down two large cybercrime forums, arrest suspects”, The Record, 30 January 2025, available from: https://therecord.media/cybercrime-forums-cracked-nulled-takedowns-arrests
[8] Bristow, Tom, Pieter Haeck and Chris Lunday, “DeepSeek Chinese AI app probed by UK security officials”, Politico, 30 January 2025, available from: https://www.politico.eu/article/deepseek-chinese-ai-app-probed-uk-security-officials-peter-kyle/
[9] Team82, “Are CONTEC CMS8000 Patient Monitors Infected with a Chinese Backdoor? The Reality Is More Complicated…”, Claroty Team82, 02 February 2025, available from: https://claroty.com/team82/research/are-contec-cms8000-patient-monitors-infected-with-a-chinese-backdoor-the-reality-is-more-complicated