GS Paper 3
Syllabus: Internal Security: Cyberspace
Source: CERT-IN
Context: The Computer Emergency Response Team of India (CERT-In) has reported that ransomware attacks are not only motivated by money but also by geopolitical conflicts.
What is Ransomware?
Ransomware is a type of malicious software or malware that is designed to block access to a computer system, network, or data until a ransom is paid. E.g., WannaCry (2017), Petya/NotPetya (2017); GandCrab (2018)
Major findings of the Report:
[/su_table]| Findings | Descriptions |
| Ransomware incidents | The number of reported ransomware attacks in India in 2022 was 53% higher than in 2021 |
| Target | Ransomware attacks targeted critical infrastructure organizations to disrupt services and extract ransom payments |
| Sector most impacted | The IT/ITeS sector in India was the most impacted by ransomware attacks, followed by the finance and manufacturing sectors |
| Most prevalent variants | Lockbit was the most prevalent ransomware variant in India, followed by Makop and DJVU/Stop, Makop and Phobos; Vice Society and BlueSky were new variants |
| RaaS ecosystem | The RaaS (Ransomware-as-a-service) ecosystem is becoming more prominent, allowing even non-technical individuals to launch ransomware attacks |
| Restoration time | On average, the restoration time is about 10 days for infections in reasonably large infrastructure networks |
| Recommendations | Organizations should regularly update their contingency plan; have higher cyber awareness among their employees |
How do ransomwares work? (Source: CERT-In)
Various initiatives for cybersecurity:
- Global:
- Budapest Convention on Cybercrime (2004, the first international treaty that seeks to address Internet and cybercrime by harmonizing national laws)—India is not a signatory.
- India:
- Policies: National Cyber Security Policy 2013; National Cyber Security Strategy 2020
- Schemes: Cyber Surakshit Bharat Yojana (2018, MeITY+ NeGD+ Industry)—to create awareness programs on cyber security; Cyber Swachhta Kendra (free Botnet Cleaning and Malware Analysis tools)
- Institutions: Indian Cyber Crime Coordination Centre(I4C) (est. in 2018; under Home Ministry)—to combat cybercrime in India in a comprehensive and coordinated manner; National Critical Information Infrastructure Protection Centre (NCIIPC); National Cyber Coordination Centre (NCCC) (under CERT-In)
Conclude:
Continuous efforts are needed to Secure (National Cyberspace), Strengthen (Structures, People, Processes, and Capabilities), and Synergise (Resources including Cooperation and Collaboration) in the field of cyberspace in India.
About CERT-IN:
The Indian Computer Emergency Response Team (est. 2004; HQ: New Delhi) is an office within the Ministry of Electronics and Information Technology. It is the nodal agency to deal with cyber security threats like hacking and phishing. It strengthens the security-related defence of the Indian Internet domain.
Insta Links:
Mains Links:
What is a ‘Ransomware’ attack? How do they compromise and complicate cybersecurity in the country? How can they be tackled?
Prelims Links:
The terms ‘WannaCry, Petya and EternalBlue’ sometimes mentioned in the news recently are related to (UPSC 2018)
(a) Exoplanets
(b) Cryptocurrency
(c) Cyber attacks
(d) Mini satellites
Ans: C
In India, it is legally mandatory for which of the following to report on cyber security incidents? (UPSC 2017)
- Service providers
- Data centres
- Body corporate
Select the correct answer using the code given below:
(a) 1 only
(b) 1 and 2 only
(c) 3 only
(d) 1, 2 and 3
Ans: D
