Number of cyber incidents reported to CERT-In between the first and second quarter of 2020 more than doubled during the COVID-19 pandemic, numbers revealed by IT Minister of State Sanjay Dhotre in Lok Sabha show. They have shown a similar, exponential trend in the third quarter thus far.

Number of cybersecurity incidents reported to CERT-In in 2020:
January-March: 113,334
April-June: 230,223
July-August: 353,381

This was disclosed in a response to BJP MP Vishnu Dayal Sharma (Palamu, Jharkhand).

In response to COVID-19, CERT-In has:

  • Conducted 3 cyber exercises that saw participation from 72 organisations
  • Issued 23 advisories

Dhotre disclosed this in a written response to YSRCP MP Talari Rangaiah (Anantapur, Andhra Pradesh). He did not disclose any statistics about “the number of citizens who are vulnerable to cyber crimes amid Coronavirus pandemic [sic]”.

Dhotre also said that the National Cyber Security Strategy is “under finalisation”. On September 18, India’s National Cyber Security Coordinator, Lt Gen. (Dr) Rajesh Pant had said that the Strategy is ready and is just awaiting cabinet approval. He hopes that the Strategy will be released next month.

Cybersecurity has emerged as a major issue during the pandemic. At a virtual event on September 18, National Security Advisor Ajit Doval had said that advanced persistent threat (APT) groups had become more active in targeting India’s critical infrastructures during the pandemic. He had also said that phishing campaigns that targeted government, defence and critical infrastructure using COVID-19 related themes had also surged. Similarly, because of successive lockdowns, “audits and risk assessments could also not be conducted at the requisite scale, thus reducing the protection posture of critical information infrastructure”. Globally as well, he said, cybercrimes saw a 500% increase.

In an interview with MediaNama in May 2020, Pant had told us that the Strategy now includes a section on tele-working “since this virus has changed the threat scenario to a great extent”. “The entire section has been added and, in some places, [the Strategy] has been tweaked because in the next five years, lot of the impact of COVID is going to be felt. Consequently, there will an impact on the cybersecurity part also. We have done that and now it’s going through its versions of cabinet paper being approved, etc.,” he had earlier said.

Budget allocation for cybersecurity reduced in FY20 compared to FY19

In his answer to Rangaiah, Dhotre also released the details of funds allocated to cybersecurity by the IT Ministry.

Year Funds Released Funds Utilised % of Funds Utilised (calculated by MediaNama)
2017-18 ₹86.48 crore ₹78.62 crore 90.9%
2018-19 ₹141.33 crore ₹137.38 crore 97.2%
2019-20 ₹135.75 crore ₹122.04 crore 89.9%

CERT-In in numbers

Number of cybersecurity incidents reported to CERT-In:
2016: 50,362
2017: 53,117
2018: 208,456
2019: 294,499
2020 (until August): 696,938

Number of alerts issued by CERT-In:
2018: 451
2019: 444
2020 (until August): 734

Number of tailored alerts shared with key organisations between 2017 and August 2020: 776

Number of phishing incidents tracked by CERT-In
2018: 454
2019: 472
2020 (until August): 194

The Minister did not give a reason for the 300% increase in reported incidents between 2017 and 2018 though the reason for the 133% increase between 2019 and 2020 is clear from his other response on COVID-19.

It is strange that despite there being a 50% increase in number of cyber incidents reported to CERT-In between 2018 and 2019, the funds allocated to cybersecurity were reduced in FY20 to less than the funds utilised in FY19. Dhotre did not explain why fund utilisation in FY19, both in absolute terms and in terms of percentage of allocation, was so high.

In response to BSP MP Ritesh Pandey’s (Ambedkar Nagar, Uttar Pradesh) question on the reaction of the government to reports by the Data Security Council of India (DSCI) and Centre for Strategic and International Studies that India is among the top five countries with the most number of cyber-attacks, Dhotre clarified that the March 2020 vendor report that claimed so is “not validated”. It is not clear which report he was referring to since multiple private cybersecurity firms have released such statistics.

Read more:

***Correction (September 22, 2020 9:29 am): Lok Sabha MP Ritesh Pandey’s party was incorrectly identified as BJD. He is from BSP. The error is sincerely regretted. Originally published on September 21, 2020 at 6:59 pm.