By Ashwani Mishra, Editor-Technology, 63SATS
There has been a 138% rise in cyber-attacks on government entities reported between 2019 and 2023.
This alarming revelation, shared by Minister of State for Electronics and IT Jitin Prasada in the Rajya Sabha, and reported first by The Tribune paints a concerning picture of the nation’s cybersecurity landscape.
The number of reported incidents skyrocketed from 85,797 in 2019 to 2,04,844 in 2023.
Adding to this troubling narrative, India is also grappling with a growing cyber fraud epidemic, with losses in the first nine months of 2024 alone amounting to ₹11,333 crore, according to the Indian Cyber Crime Coordination Centre (I4C). Experts project these losses could surpass ₹1.2 lakh crore in 2025, equivalent to nearly 0.7% of the country’s GDP.
Also Read: India loses ₹11,333 Crore in 2024, GDP at Risk
The Financial Blow of Cybercrime
The impact of cyber fraud isn’t limited to government bodies. In 2024, stock trading scams emerged as the most expensive, siphoning off ₹4,636 crore through 2,28,094 complaints. Investment-related frauds followed, causing ₹3,216 crore in damages across 1,00,360 cases. Meanwhile, so-called “digital arrest” scams accounted for ₹1,616 crore in losses from 63,481 complaints.
This financial bleeding underscores the urgent need for enhanced cybersecurity measures to protect both government institutions and citizens.
The Evolving Threat Landscape
The government has detailed the rise in cyber-attacks year-on-year:
2019: 85,797 incidents
2020: 54,314 incidents
2021: 48,285 incidents
2022: 1,92,439 incidents
2023: 2,04,844 incidents
These figures represent a disturbing trend, as the attacks have evolved from phishing and ransomware to sophisticated distributed denial-of-service (DDoS) and coordinated intrusions.
A particularly alarming instance was during India’s G20 Summit in September 2023, when the official website faced up to 16 lakh cyber intrusion attempts per minute. Such attacks highlight the growing sophistication of cyber adversaries.
Government’s Cybersecurity Measures
Recognizing the scale of the threat, the government has implemented several measures:
Chief Information Security Officers (CISOs): Central ministries, state governments, and UTs are mandated to appoint CISOs to handle cybersecurity.
National Critical Information Infrastructure Protection Centre (NCIIPC): Established under Section 70-A of the IT Act, 2000, this body safeguards critical infrastructure by offering threat intelligence and situational awareness.
Cyber-Crisis Management Plan: CERT-In has formulated this plan to counter cyber-attacks and cyber terrorism.
Sector-Specific Teams: A dedicated Computer Security Incident Response Team for the finance sector addresses breaches in banking and finance under CERT-In’s guidance.
National Cyber Coordination Centre (NCCC): This control room scans cyberspace to detect threats and share metadata with relevant agencies for swift mitigation.
Past Incidents and Key Learnings
Between 2020 and 2022, India witnessed 492 phishing and smishing attacks, 35 ransomware incidents, and 151 website hacks targeting government departments. These statistics reflect the increasing use of advanced tactics by cybercriminals to exploit vulnerabilities.
India’s fight against cybercrime demands a multi-faceted approach:
Strengthened Global Partnerships: Collaboration with international agencies is vital to combat cross-border cyber threats.
Tighter Regulations: Enforcing stricter cybersecurity frameworks will enhance resilience.
Public Awareness: Educating citizens on cyber hygiene and fraud prevention is critical.
With losses projected to soar and attacks on government systems continuing to rise, the onus lies on both government bodies and private entities to bolster defenses.