Cyber Security – CERTs, Policy, etc

Cyberattacks reveal vulnerabilities in critical infrastructures


From UPSC perspective, the following things are important :

Prelims level : Ransomware

Mains level : Paper 3- Threat of cyberattacks

The article highlights the threat posed by cyberattacks to our critical infrastructure and suggest the ways to deal with the the ever evolving threat.

Civilian targets of cyberattacks

  • Several high-profile cyberattacks were reported from the United States during the past several months.
  • These attacks were all primarily on civilian targets, though each one was of critical importance.
  • Obviously cyber, which is often referred to as the fifth domain/dimension of warfare, is now largely being employed against civilian targets.
  • Most nations have been concentrating till date mainly on erecting cyber defences to protect military and strategic targets, but this will now need to change.


  • Defending civilian targets, and more so critical infrastructure, against cyberattacks such as ransomware and phishing is almost certain to stretch the capability and resources of governments across the globe.
  • The distinction between military and civilian targets is increasingly getting erased and the consequences of this could be indeterminate.
  •  In the civilian domain, two key manifestations of the ‘cat and mouse game’ of cyber warfare today, are ransomware and phishing, including spear phishing.
  • Banking and financial services were most prone to ransomware attacks till date, but oil, electricity grids, and lately, health care, have begun to figure prominently.
  • Ransomware attacks have skyrocketed, with demands and payments going into multi-millions of dollars.
  • India figures prominently in this list, being one of the most affected.
  • Compromised ‘health information’ is proving to be a vital commodity for use by cybercriminals.
  • All indications are that cybercriminals are increasingly targeting a nation’s health-care system and trying to gain access to patients’ data.
  • The available data aggravates the risk not only to the individual but also to entire communities.
  • Cybercriminals are becoming more sophisticated, and are now engaged in stealing sensitive data in targeted computers before launching a ransomware attack.
  • Also, today’s cybercriminals, specially those specialising in ransomware and similar attacks, are different from the ordinary  criminals.
  • Many are known to practise ‘reverse engineering’ and employ ‘penetration testers’ to probe high secure networks.

Way forward

  • The need to be aware of the nature of the cyber threat to their businesses and take adequate precautionary measures, has become extremely vital.
  • Cybersecurity essentially hinges on data protection. 
  • As data becomes the world’s most precious commodity, attacks on data and data systems are bound to intensify.
  • With mobile and cloud computing expanding rapidly cybersecurity professionals are now engaged in building a ‘Zero Trust Based Environment’, viz., zero trust on end point devices, zero trust on identity, and zero trust on the network to protect all sensitive data. 
  • Building deep technology in cyber is essential.
  • New technologies such as artificial intelligence, Machine learning and quantum computing, also present new opportunities.
  • Pressure also needs to be put on officials in the public domain, as also company boards, to carry out regular vulnerability assessments and create necessary awareness of the growing cyber threat.

Consider the question “Several high-profile cyberattacks across the world have exposed vulnerabilities in the critical infrastructure of even advanced nations. In light of this, examine the challenges posed by cyberattacks and suggest measures to deal with these challenges.” 


The threat posed by the cyberattacks highlights the need for improved defences against actual, and potential, cyberattacks by all countries across continents.

Get an IAS/IPS ranker as your 1: 1 personal mentor for UPSC 2024

Attend Now

Notify of
Newest Most Voted
Inline Feedbacks
View all comments
Colson Baker
Colson Baker
9 months ago

You have to be very careful with cyberattacks, they usually appear in many places that we didn’t even suspect would appear there, sometimes viruses hide in the least expected places, to avoid this you always have to have a good system that protects us from cyberattacks If you have a website you should get an expert to perform penetration tests to see if your website is vulnerable or not.

9 months ago

As I hate cyberattacks, I remember that once this happened on my website and I was desperate because they were stealing my users’ data (passwords-email) and I didn’t know what to do, until a friend contacted some professionals and they solved everything the problem, I remember that after resolving the conflict they did penetration tests on my website to verify that it does not have any vulnerability to a new attack

Rey InterNe666
Rey InterNe666
9 months ago

To avoid any cyberattack on a web page you must have excellent protection and the only way to know if the protection of your website is good is by performing penetration tests on the page, I performed the penetration service on my website a month ago Approximately with their help we have solved many security problems that my website had, now I feel much more secure, to date I have not had any cyberattacks, I recommend them

G Wo0lf
G Wo0lf
9 months ago

To avoid cyberattacks you must make sure that the security of your web page is impenetrable, generally this type of service is corroborated by hiring experts in web penetration testing services, they will be in charge of carrying out all the necessary tests so that you can ensure that your web page is totally safe

Lamente Maestra
Lamente Maestra
9 months ago

In my opinion, the only positive thing about cyberattacks is that they make you realize that your website has vulnerabilities against attacks and you must urgently improve security. The easiest way will always be to hire an expert who can help you with these cyberattacks by running penetration tests. to try to penetrate the security of your site until making your site impenetrable to another threat


Join us across Social Media platforms.