“Various advanced persistent threat [APT] groups became more active targeting our critical infrastructures,” National Security Advisor Ajit Doval said. Phishing campaigns that used COVID-19 related themes to target government, defence and critical infrastructure surged during this period. A number of accounts of Indian government officials and government websites were targeted using spear phishing tactics — targeted phishing campaigns that try to get the victims to give up confidential information by masquerading as trusted senders or companies.

More than 5,000 malicious domains and websites were registered in a short period of time, Doval said. A number of fraudulent UPI IDs and web portals were also created. For instance, within a few hours of the announcement of PM CARES Fund, “several fake Aarogya Setu apps popped up to exploit people’s data”, he said.

The National Security Advisor also said that companies must report any breaches, and have a responsibility to protect both company and consumer data.

These remarks were made in his keynote address at c0c0n, an annual cybersecurity conference organised by the Kerala Police, Information Security and Research Association, and Society for the Policing of Cyberspace (POLCYB).

‘Scale of audits, risk assessments reduced’

“Due to lockdown, audits and risk assessments could not be conducted at requisite scale, thus reducing the protection posture of critical information infrastructure,” Doval said. This problem was exacerbated by the lack of chief information security officers (CISOs) in different organisations, he said.

Doval further said that “lack of indigenous apps and solutions, for example lack of collaborative platforms, video conferencing, data sharing facilities, social media platforms, etc. has adversely affected our self-reliance and overall security posture”. Management of security operation centres (SOCs), IT administrations at all levels were a challenge during the lockdown period, he said.

Cybercrimes rose by 500%, financial frauds increased ‘exponentially’

Doval said that the pandemic saw a 500% increase in cybercrime due “to limited awareness and poor cyber hygiene”. As cash handling reduced and dependence on digital payment platforms increased, financial frauds saw “an exponential increase”.

Doval listed other threats that emerged during the pandemic:

  • “Large number of hurried, insecurely developed applications were launched, increasing the vulnerability landscape.”
  • Crisis was exploited by adversaries through “misinformation, fake news and social media campaigns”.

The NSA said that large amounts of “cyber data floating in the cyberspace is a gold mine for extracting information that can undermine the privacy of our citizens and also add to the vulnerability of protected information of the government”. “It also adds to the vulnerability of the vulnerability of the data concerning our critical infrastructure.”

Doval calls for indigenisation of cybersecurity

Citing “no dearth of talent” in India, Doval said that companies’ research and development assignments “must result in creation of intellectual property, development of indigienous products and solutions which can compete globally”.

Just like India’s IT/ITeS sector occupies 55% of the global market, the cybersecurity sector too must tread the same path, Doval said. “This is where our start-ups must come up with solutions which are based on the requirements of the Indian market and extend it to the globe.”

Doval also mentioned that the National Cyber Security Strategy 2020, which will address all aspects of the ecosystem will be released “soon”. National Cyber Security Coordinator Lt Gen. (Dr) Rajesh Pant, at another virtual event on Friday, said the Strategy is awaiting the cabinet’s approval, and he hopes that it will be released in October.