The number of cyber attacks in India has recorded a steady growth over the past few years, and the total number as reported to and tracked by the Indian Computer Emergency Response Team (CERT-In) in the current year stands at 12,67,564 (till November), the Parliament was told on Wednesday.
The corresponding number of such incidents in 2018 was 2,08,456 which increased to 3,94,499 in 2019, to 11,58,208 in 2020 and 14,02,809 in 2021, Minister of State for Electronics and IT Rajeev Chandrasekhar told the Lok Sabha in a written reply.
He said that with the borderless cyberspace coupled with anonymity, along with rapid growth of Internet, rise in cyber attacks and cyber security incidents is a global phenomenon and the government is fully cognisant and aware of various cyber security threats. The Indian Computer Emergency Response Team (CERT-In) is mandated to track and monitor cyber security incidents in India. In the recently notified cyber security direction, CERT-In has now made it mandatory for all incidents to be mandatorily reported to it.
The minister said that CERT-In operates an automated cyber threat exchange platform for proactively collecting, analysing and sharing tailored alerts with organisations across sectors for proactive threat mitigation actions by them. According to the analysis by CERT-In, the Internet Protocol (IP) addresses of the computers from where the attacks appear to have originated from a number of countries.
The reply further said that government has published National Cyber Security Policy 2013 with the vision of building a secure and resilient cyberspace for citizens, businesses, and government, and the mission of protecting information and information infrastructure in cyberspace, building capabilities to prevent and respond to cyber threats, reducing vulnerabilities and minimising damage from cyber incidents, through a combination of institutional structures, people, processes, technology and cooperation.
Further, the Ministry of Home Affairs has issued National Information Security Policy and Guidelines to the Central Ministries as well as state governments and Union Territories with the aim of preventing information security breaches and cyber intrusions in the information and communication technology infrastructure.