For a fortnight after the Pahalgam massacre, the Indian cyber space faced massive attacks from inimical players. Some days witnessed up to 90 crore DDoS (Distributed Denial of Service) attacks per hour, cyber security professionals have revealed. Most of these attacks were attempted on India’s financial sector with the National Stock Exchange (NSE) and several banks. Later, electricity grids and some busy airports such as Delhi and Goa were targeted, they added.
Most of the attacks were traced to Pakistan, China, Indonesia, Turkey, Russia and Brazil.
Pak Cyber Attacks On India
On May 7 and 8, when under Operation Sindoor India destroyed terrorist headquarters and camps inside Pakistan, a massive phishing campaign was underway, it is now revealed. Phishing is a common type of cyber attack that targets individuals through email, text messages, phone calls and other forms of communication to elicit passwords and personal information to dupe people by emptying their bank accounts.
Some DDoS attacks did get through and gullible customers fell victim to phishing attacks, cyber security industry professionals said. Websites of some non-operational military organisations such Army Public Schools were defaced but their services were restored immediately.
The Delhi airport, one of India’s busiest, witnessed an unprecedented surge in cyber traffic on a particular day. The number of visitors on its website went up ten-fold from the average 5 lakh a day hits to about 50 lakh visitors.
Goa airport too faced a sudden increase in its website traffic. These attempts were to try and crash the systems to disrupt traffic. Similarly, Pak cyber attack targeted banking and financial sector sites to create chaos and panic among customers. The National Payments Corporation of India or NPCI, Chief Information Security Officers (CISOs) of different organisations worked in close coordination with the Indian Computer Emergency Response Team or CeRT and prevented most of these attacks.
India’s cyber security infrastructure managed to negate most of the threats. But the majority of attacks were thwarted, thanks to a robust system that is in place for some years now. Government departments such as Ministry of Electronics and Information Technology (MeiTY), Ministry of Telecommunications and the newly constituted National Cyber Security Authority were in constant touch during the crisis, sources said. At least three advisories were issued during the fortnight between April 22 and May 7 and two more after May 7 to different sectors.
On May 10, two advisories were issued to general businesses and to the MSME sector. Categorising the threats as severe, both the advisories said: “Essential measures for industry for safeguarding business operations against cyber security threats.”
Severity Rating: High
“The Indian computer emergency response team (CERT-In) has detected a surge in cyber threats encompassing ransomware attacks, DDoS incidents, website defacement, data breaches and malware infections. These attack vectors, whether executed individually or in combination, pose a significant risk to the integrity, confidentiality and availability of systems and services.
Measures To Be Taken
Strengthen authentication and access control, patch management, web server and infrastructure protection, secure network and endpoint devices, develop an incident response team, zero trust architecture, conduct employee awareness and training.
Another advisory on May 22 read: “Multiple vulnerabilities in zoom”
Severity Rating
High
Software Affected
Zoom workplace desktop app for macOS, Windows, Linux before version 6.4 0.
Operation Sindoor has demonstrated India’s capability in dealing a hard blow to Pakistan. But the country needs to be prepared for cyber attacks and cognitive warfare that India’s adversaries will unleash much before the kinetic action begins.
