CloudSEK Report Highlights Recent Cyberattacks Targeting Indian Government Entities

A recent report by cybersecurity company CloudSEK revealed a surge in cyberattacks targeting Indian government entities, with hacktivist groups from Pakistan and Indonesia launching coordinated attacks during India’s G20 Summit in September 2023. These attacks included DDoS attacks, website defacement attempts, and data leak claims aimed at various government and G20-related websites, such as the Ministry of Electronics and Information Technology and the Indian citizen database. The report also shed light on the potential sources of data breaches, including compromised credentials and misconfigurations, emphasizing the need for heightened cybersecurity measures.

In October 2023, health and Aadhaar data of approximately 815 million Indian citizens were breached and advertised for sale on a cybercrime forum, with subsequent releases of sample data containing sensitive information like email addresses, lab IDs, and patient IDs. Additionally, in January, threat actors advertised an extensive Indian Mobile Network Consumer Database for sale, exposing personal details of 750 million individuals, including names, mobile numbers, addresses, Aadhaar details, and more. This massive data leak, totaling 1.8 TB, poses significant risks such as identity theft and social engineering attacks to a large portion of India’s population.

Furthermore, CloudSEK’s report highlighted incidents in February and March involving the sale of access to India’s Election Duty Management System and a scam related to the BJP Free Recharge Yojana. The report emphasized the importance of implementing robust cybersecurity measures, such as multi-factor authentication, encryption, regular security audits, and employee training programs, to mitigate cyber threats effectively. Collaboration with cybersecurity providers, regulatory authorities, and industry partners was also recommended to enhance threat detection and incident response capabilities and stay compliant with regulatory standards and industry best practices.

Source – NTDV Profit