200% increase in cyber incidents in two months, but not attributable to China: Official
There has been a 200 per cent rise in cyber incidents in India in the last two months, but those cannot be blamed to Chinese actors, chief information security officer in the Prime Minister's Office, Gulshan Rai, said on Monday.
He, instead, blamed a shift in the service sector to work from home (WFH) due to the COVID-19 pandemic for the heightened incidents, saying people are "mindlessly" downloading unverified applications which may lack security features.
Ties between India and China have hit a new low following the violent clashes in the Galwan Valley in Ladakh, which left 20 Indian army personnel dead. In reaction, India has banned 48 Chinese apps on security concerns.
"It is certainly true that during the last couple of months, the cyber incidents (like) hacking systems have gone up significantly. Somebody may say more than 200 per cent (increase), that's the figure which is available," Rai said during an interaction organised by payments company EPS here.
"...there is no evidence as of now that the attacks have gone up due to the tensions between the two countries (India and China)," he added.
Rai said there are dedicated agencies which are monitoring the situation and also preventing the attacks.
"There have been larger cases of phishing, service issues and ransomware which have gone up. These cases have gone up not merely because of heightened tensions, these cases have gone up from January and February-end because of the culture of working from home,” he said.
Rai explained that offices typically have necessary security measures taken in, and urged people to be more careful about what they download and stick to verified applications itself.
To a question on reliance on Chinese products, he said China is a world leader in manufacturing and everyone buys from the country knowing that they are vulnerable.
He said this is where Prime Minister Narendra Modi's call on self-reliance is crucial and added that other countries including America and European nations are also looking at ways of reducing dependence on China.
“I think in a couple of years, there will be a lot of shifting towards an Atmanirbhar programme. America, Europe as well, everyone is charged up. We need to take steps to check on the misuse or the misfunctioning of the Chinese systems and there are ways and means to do that,” he said.
In order to reduce incidents of fraud in banking, Rai suggested a method where the receiver of funds from online transfers is not able to withdraw the money for an hour.
He said there is a need to overhaul cyber security architecture at banks because of the rapid changes in technologies, even though a significant amount of ground has been covered in the past.
In cases of critical infrastructure like refineries and power plants, Rai said it is a blessing in disguise that much of such facilities in India are not connected to the wider internet but eventually efficiency needs will force them to get connected and there will be a need for better security at such facilities.
The incident at the atomic power station at Tamil Nadu's Kudankulam in 2019 was blown by the media, he said, adding that systems connected to the internet and the plant operations were totally segregated there.
“The attack happened on the MIS system in the office, where the hackers have been able to reach and get the files and post it on the dark net. Our control system was safe and they are not connected on the internet,” he said.