Crucial defence unit was hit by ransomware attack in 2023: DoPT report
A crucial defence unit was affected by a ransomware attack in 2023, according to the 2023-24 annual report of the Department of Personnel and Training (DoPT), published last week. In such an attack, access to a computer is blocked through malware until a ransom is paid.
The report mentions that in 2023, the Central Bureau of Investigation (CBI) investigated complex cyber crimes with national security implications which included “a ransomware attack on a crucial defense unit, a data breach impacting millions of Indian users, a malware attack in a Ministry, and a massive DDOS attack on critical infrastructure and airports in India.” DDOS stands for distributed denial-of-service, a malicious attempt to disrupt internet traffic.
The report does not specify the location of the critical defence unit that was hit by ransomware. India had hosted the G-20 conference the same year.
Cyber crime surge
In October 2023, American cyber security and intelligence agency Resecurity had issued an alert that the Indian Council of Medical Research (ICMR) had suffered a data leak of the Aadhaar and passport information of 81 crore Indians, along with their names, phone numbers, and addresses.
According to the 2023 annual report of the Indian Computer Emergency Response Team (CERT-In), as many as 15,92,917 security incidents were reported last year, a massive jump from 53,117 such incidents reported in 2017. These incidents included: website intrusion and malware propagation, malicious code, phishing, DDOS attacks, website defacements, unauthorised network scanning/probing activities, ransomware attacks, data breaches and vulnerable services. CERT-In noted that remedial measures for handling such incidents were suggested and implemented in coordination with relevant stakeholders.
Attacks across borders
The DoPT report said that the CBI had collaborated with international counterparts such as the Federal Bureau of Investigation (FBI), Royal Canadian Mounted Police (RCMP), and Singapore police, to target and dismantle call centre fraud networks in India. “Notably, intelligence from the FBI led to the unveiling of a scam involving $2 million in cryptocurrencies linked to a fake tech support call centre defrauding U.S. citizens,” the report said.
Despite the fraught diplomatic relations with Canada over the past year, the CBI in collaboration with the RCMP identified a Delhi-based call centre that scammed Canadian citizens, resulting in the recovery of a significant amount of cash and evidence. “Additionally, CBI traced bitcoins from an Australian citizen to a wallet in Delhi, exposing the international scope of crypto frauds in a case of Australian tax fraud. In India, a large-scale crypto mining scam was uncovered, deceitfully extracting ₹100 crore from Indian citizens,” the report said.
Highlighting the “broad spectrum of cyber threats facing the nation,” the report said that the CBI investigated investment and loan app frauds perpetrated on Indian citizens from neighboring countries. “Acting at the instance of RBI [Reserve Bank of India], CBI registered a case of IMPS (Immediate payment service) fraud at UCO Bank involving reversed transactions across multiple banks, amounting to a staggering ₹820 crore,” the report said.
Changing roles
The CBI has been the Union government’s designated nodal agency to investigate computer crimes since 1999. On September 29, however, the Cabinet Secretariat amended the government’s Allocation of Business Rules to designate the National Security Council Secretariat, which reports to National Security Adviser Ajit Doval, as the agency “to provide overall coordination and strategic direction for Cyber Security”.
The order also designated the Ministry of Electronics and Information Technology as the nodal body for the “security of telecom networks”, and the Ministry of Home Affairs for matters relating to cyber crimes.
Published – November 10, 2024 01:04 am IST