Increasing cyberattack cases in India: Putting a full stop on scams and frauds

By Naveen Garg, Cybersecurity Reliability Engineer, Akamai Technologies

India is the world’s largest democracy and a burgeoning technological hub, has become an attractive target for cybercriminals. With the rapid digitisation of services and the growing reliance on online transactions, cyberattacks have increased, posing significant challenges to individuals, businesses, and governments. The alarming increase in cyber fraud and scams necessitates immediate and decisive action to protect the nation’s digital ecosystem.

The surge in cyberattacks

In Q2 2024, India-based organizations had the second-highest weekly attack rate per organization in the Asia-Pacific (APAC) region, with 3,201 attacks per week. According to Check Point Research, cyberattacks increased by 46% year on year, compared to a global average of 30%. Only Taiwan has seen more attacks, highlighting India’s vulnerability to cyber threats. The relentless onslaught of cyberattacks highlights the growing sophistication and persistence of threats. actors targeting Indian cyberspace.

High-profile cyberattack cases

Several high-profile companies in India have faced cyberattacks, resulting in significant financial and reputational damage. Notable incidents include breaches in major financial institutions, healthcare systems, and government databases. These attacks have compromised sensitive data, disrupted services, and eroded public trust in digital platforms.

In recent years, large-scale data breaches at companies such as HDFC Bank, State Bank of India (SBI), and the Unique Identification Authority of India (UIDAI) have exposed millions of records, including personal and financial information. These breaches have highlighted the urgent need for enhanced cybersecurity measures across all sectors.

Statistical overview of cybercrime in India

The number of reported and pending cases demonstrates the magnitude of India’s cybercrime problem. Uttar Pradesh had 19 lakh fraud cases in one year, but only 72,000 were reported. Out of these, 44,000 cases were put on hold, with financial demands totaling crores. This disparity between reported and actual cases emphasizes the need for improved reporting mechanisms and more efficient handling of cybercrime investigations.

According to government data, the ‘Citizen Financial Cyber Fraud Reporting and Management System,’ launched by the Indian Cyber Crime Coordination Centre (I4C), has made significant progress in combating financial fraud. Since its inception, more than Rs. 1200 crore has been saved through over 4.7 lakh complaints. A toll-free helpline number, ‘1930,’ has been activated to help citizens file online cyber complaints.

From January 1, 2023 to December 31, 2023, the Government of India blocked more than 3.2 lakh SIM cards and 49,000 IMEIs reported by police. This proactive approach has been crucial in mitigating the impact of cybercrimes and preventing further fraudulent activities.

Role of CERT-In and RBI in cybersecurity

The Indian Computer Emergency Response Team (CERT-In) is responsible for issuing alerts and advisories about the latest cyber threats, vulnerabilities, and countermeasures. These alerts help to protect computers, mobile phones, networks, and data from potential cyberattacks. CERT-In, in collaboration with the Reserve Bank of India (RBI), has advised all authorized entities and banks that issue prepaid payment instruments (wallets) to conduct special audits by CERT-In-appointed auditors. These audits seek to identify and correct noncompliances while also ensuring the implementation of security best practices.

As we all know, CERT-In and the RBI have launched a cybersecurity awareness campaign called ‘Beware and Be Aware of Financial Frauds’ via the Digital India Platform. This campaign aims to educate the public about common financial frauds and how to avoid falling victim to them.

Reporting mechanisms and legal framework

In order to combat cybercrime, the government has created a robust legal framework, with a focus on cybercrime directed towards women and children. The public is able to report instances involving all kinds of cybercrimes through the Cybercrime Reporting Portal. First Information Reports (FIRs) are created from reported incidents and are then managed by State/UT Law Enforcement Agencies in compliance with legal requirements.

It remains difficult to turn reported instances into cases that can be taken further. Although the site has streamlined the reporting procedure, urgent attention is still needed due to the backlog of cases and the delays in the investigation and prosecution. In order to deliver justice in a timely manner, it is imperative that law enforcement authorities and the judiciary improve their efficiency in dealing with cybercrime.

State/UT-wise performance

The “Citizen Financial Cyber Fraud Reporting Management System” performs differently in each State and Territory. The performance data from January 1, 2023, to December 31, 2023, shows variations in the efficiency of cybercrime control. Owing to different administrative and infrastructural difficulties, some states have been more aggressive in combating cyber scams than others.

Future directions and recommendations

To effectively combat the growing number of cyberattacks and scams, India requires a multifaceted approach:

1. Improved cybersecurity measures: To protect their digital assets, organizations must implement advanced cybersecurity technologies such as AI-driven threat detection, multifactor authentication, and encryption.

2. Public awareness campaigns: Regular public awareness campaigns should be held to educate citizens about the most recent cyber threats and safe online practices.

3. Strengthening the legal framework: The legal framework for cybercrime requires clear guidelines for reporting, investigating, and prosecuting cybercrimes.

4. Capacity building: Training and capacity building for law enforcement, the judiciary, and cybersecurity professionals is critical to keeping up with evolving cyber threats.

5. Collaboration and information sharing: Improved collaboration among government agencies, the private sector, and international organisations is critical for sharing information and best practices in cybersecurity.

6. Incident response and recovery: Putting in place strong incident response and recovery mechanisms can help to mitigate the impact of cyberattacks and ensure that affected systems recover quickly.

The rise in cyberattacks in India serves as a stark reminder of our digital ecosystem’s vulnerabilities. India can effectively combat cybercrime and secure its digital future by implementing stringent cybersecurity measures, increasing public awareness, and strengthening the legal framework. The combined efforts of government agencies, the private sector, and citizens are critical to putting an end to the growing number of scams and fraud cases, ensuring a secure and resilient digital India.

AICybersecurityITtechnology
Comments (0)
Add Comment