Cyber and Malware attacks in India

Why in the News?

With increasing incidents of cyber and malware attacks on critical infrastructure across the country, the Defence ministry has decided to replace the Microsoft Operating system (OS) with a locally built OS Maya.

Maya Operating system:

1. 1. 1. 1. A new locally developed OS based on a free, open-source software called Ubuntu.
         2. The Maya OS has been developed by the Defence Ministry in a period of 6 months with the co-ordination of various govt agencies that includes
            • Defence Research and Development Organisation (DRDO)
            • The Centre for Development of Advanced Computing (C-DAC)
            • The National Informatics Centre (NIC).
         3. The idea of Maya OS was envisioned in 2021 after India faced several cyberattacks in its critical infrastructure and defence systems.
         4. Main advantages of Maya OS:
            • Similar interface and functionality as that of Windows enabling ease of user adaptability.
            • Chakravyuk feature:  An end-point anti-malware and anti-virus software that creates a virtual layer between the user and the internet potentially blocking hackers from accessing sensitive data.
            • Ubuntu offers a high-level of security as it has very few malwares exploits and vulnerabilities compared to Windows.
            • Ubuntu offers built-in firewall, a strict user permission system and regular security updates that help protect it from potential threats.
         5. Maya OS will be rolled out in the South block before August 15 and the remaining computer systems should be upgraded to Maya OS by the end of the year.

Rationale behind the introduction of Maya OS:

1. India has become one of the most attacked and breached countries in the world.
2. Among the 829 million cyber-attacks detected and blocked globally by a firm, close to 59% were directed towards India in 2022.
3. Involvement of state actors in carrying out cyberattacks has been a recent trend. For instance, the AIIMS cyberattack was traced to Chinese links.
4. Threat actors are continuing to modernise their attack tool kits with high impact strategies thus leading to higher probability of monetization and further rise in attack campaigns.

About:

Cyber threats and Malware attacks in India:

A cyber attack is an attempt by cybercriminals, hackers or other digital adversaries to access a computer network or system, usually for the purpose of altering, stealing, destroying or exposing information

Types of Cyber-attacks:

1. Malware
   • Software programs designed to damage or do unwanted actions on a computer.
   • They include viruses, worms, Trojan horses, spyware and ransomware.
2. Phishing
   • Attacks sent via mail and ask users to click on a link and enter their personal data
   • They include a link that directs the user to a dummy site that will steal a user’s information
3. Password attacks
   • Involves a third party trying to gain access to your systems by solving a user’s password.
4. Denial of service attacks
   • Attackers send high volumes of data or traffic through the network until the network becomes overloaded and can no longer function.
5. Man in the Middle (MITM)
   • Information is obtained from the end user and the entity the user is communicating with by impersonating the end points in an online information exchange (i.e., connection from smartphone to website).
6. Drive-by downloads
   • A program is downloaded to a user’s system just by visiting the site.
   • It doesn’t require any type of action by the user to download.

Major sectors affected:

Recent cyberattacks and security breaches in India:

1. All-India Institute of Medical Sciences (AIIMS) platform came under cyberattacks using ransomware for 2 times in 2023.
2. The ransomware attacks on Oil India Limited and Spice Jet servers in 2022
3. The Mumbai Power Grid outage in 2020
4. Cyberattack on Kudankulum Nuclear Power Plant (KKNPP) in 2019.

Steps taken by Government to counter Cyberattacks in India:

1. National Critical Information Infrastructure Protection Centre (NCIIPC) functions to protect the critical information infrastructure in the country.
2. Mandatory reporting of cyber security incidents by all organisations providing digital services.
3. Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre)- provides for detection of malicious programmes and free tools to remove such programmes.
4. Chief Information Security Officers (CISOs) provide for securing applications, infrastructure and compliance.
5. Crisis Management Plan for countering cyber-attacks and cyber terrorism.
6. Conducting cyber security mock drills and exercises regularly in Government and critical sectors.

Link: India Defence Ministry to replace Microsoft OS with Maya - The Hindu