According to a CloudSEK report, India emerged as the second most targeted nation for cyber attacks in 2024.
Impact of Cross-Border Cyber Attacks
Threat to Critical Information Infrastructure (CII)- Eg- attempts by the Pakistan-linked APT36 group to infiltrate India’s Northern Power Grid.
Economic Destabilization by attacks on financial gateways like UPI or BSE.
Salami-Slicing of Intellectual Property (IP)- Eg- theft of IP from manufacturing and pharmaceutical sectors to weaken India’s “Make in India” competitive edge.
State-Sponsored Advanced Persistent Threats (APTs)- Eg- Pakistan-linked actors used “Dance of the Hillary” malware to infiltrate DRDO systems during “Operation Sindoor”
Compromise of National Defense & Military Intelligence- “Operation FlightNight” targeted Indian defense and energy sectors using malware disguised as an Indian Air Force invitation.
Psychological Warfare- Eg- Following the Pahalgam attack, Pakistan-linked groups flooded social media with 2 lakh deepfakes and “forged” government documents to spread panic.
Threat to privacy- Eg- Star Health Insurance breach leaking data of 31 million customers.
“Mass Defacement”- Simultaneously taking down hundreds of government websites to undermine government authority.
Measures to Strengthen Cyber Security in India
Legal Measures
Stringent implementation of the Digital Personal Data Protection Act to hold “Data Fiduciaries” (companies) accountable for breaches.
Empowering the CBI to investigate cybercrime cases nationwide without needing general consent from the state. (Parliamentary panel on home affairs)
Replacing the IT Act, 2000, with the proposed Digital India Act to address modern threats like deepfakes and AI-driven extortion.
Institutional Measures
Expanding the Indian Cyber Crime Coordination Centre to serve as a 24/7 national “War Room” for real-time threat mitigation and interstate coordination.
Strengthening the NCIIPC to secure “Critical Information Infrastructure” (CII).
Establishing dedicated cyber-police stations in every district, integrated with the National Cybercrime Reporting Portal (1930).
Policy Measures
Implementing the National Cyber Security Strategy focusing on Sovereign Cyber Defense and building a “Cyber-Resilient” ecosystem.
Adhering to the CERT-In Cyber Security Audit Policy, which mandates annual third-party audits for all government and critical sector entities.
Promoting the Golden Hour Protocol to report financial frauds within the first 2 hours.
Technological Measures
Zero-Trust Architecture (ZTA)- Transitioning from traditional perimeter security to a “Never Trust, Always Verify” model for all digital access requests.
AI-Driven Threat Intelligence- Deploying machine learning algorithms for real-time detection of anomalies and Automated Incident Response (AIR).
Promoting the “Atmanirbhar” development of indigenous operating systems and security software. Eg- Maya OS
Global Measures
Leveraging partnerships like the Quad Senior Cyber Group to share threat intelligence on state-sponsored APTs (Advanced Persistent Threats) in the Indo-Pacific.
Collaborating with Interpol (Project Gateway) and FATF to track and dismantle the financial backbones of transnational “Cyber Slavery” hubs.
Social Measures
Digital Literacy (Cyber Shikshaa)- awareness campaigns like #CyberDost
Capacity building of the judicial and police workforce through the CyTrain portal
Cyber Hygiene- Eg- Multi-Factor Authentication (MFA) and use of the “Chakshu” portal for reporting suspicious communications.
As cybercrimes move into the realm of “Grey Zone Warfare,” India’s cyber defense must be proactive rather than reactive.