Cyber attacks against India are “minimal,” but the government has taken a number of steps to protect Indian cyberspace with appropriate synergies with all monitoring agencies, IT minister Ravi Shankar Prasad said.
According to information reported to the Computer Emergency Response Team of India (CERT-In), a total of 65 ransomware-related incidents were reported between 2014 and 2017 through June, it said in Lok Sabha.
Details of the financial impact of these incidents are not reported to CERT-In, which provides technical support and remediation, he said during question time.
Prasad said the government was well aware of the security of the cyber world and was taking pro-active measures for its protection.
“India is becoming a digital power, we have an elaborate system for cyber security, but cyberattacks against India are very minimal, but we are always on the alert,” he said during question time.
After describing the hackers as “digital fugitives”, the minister said that data protection was very crucial for any country, because “the data is a new oil.”
Prasad said that several security agencies are working closely together for the protection of cyberspace and that the government has already set up a 10-member committee led by former Supreme Court Justice Judge BN Srikrishna to deliberate on a protection framework Of data for the country. The panel will make specific suggestions to the government on the principles to consider for data protection and will also suggest a data protection bill.
Prasad also said that the data related to Aadhaar was completely secure and his server was in India. “The spread of ransomware called WannaCry / WannaCrypt has been reported in many countries around the world, including India since May 12, 2017. Propagation of another ransomware called Petya was also reported from June 27, 2017.
“34 incidents have been reported to CERT-In from organizations and individuals regarding Wannacry and Petya ransomware infections,” he said.
Prasad said operations at Mumbai’s Jawaharlal Nehru Port Trust (JNPT) were partially affected by Petya’s ransomware and decryption tools for some of the ransomware that are available, allowing users to decrypt their unusable / encrypted files.
With regard to WannaCry Ransomware, the decryption tools have limited capabilities today and therefore have not been very successful. With regard to the new variant of Petya ransomware, there is no publicly available decryption tool.
For all ransomware attacks, affected data could be restored from a data backup, if available, thereby minimizing the impact of these attacks, “he said.
