Cyber Attacks in India


The term “Cyber Attacks” is day by day becoming very popular amongst the people. On average, we come across news related to cyber attacks daily or on a weekly basis. A cyber attack is an assault launched by cybercriminals using one or more computers against single or multiple computers or networks. A cyber attack can maliciously disable computers, steal data, or use a breached computer as a launch point for other attacks. Cybercriminals use a variety of methods to launch a cyberattack, including malware, phishing, ransomware, denial of service, among other methods. The privacy of data is a major concern in this digital era.


India has been the second most cyber-attacks affected country between 2016 to 2019, as per the new Data Security Council of India (DSCI) report. Further, the average cost for a data breach in India has risen 7.9% since 2017, with the average cost per breached record amounting to INR 4,552 ($64). While IT, banking, and financial services were early adopters of cyber insurance, a new demand has arisen among manufacturing, pharmaceutical, retail, hospitality, R&D, and IP-based organizations.

“Prominent data breach cases in the U.S. and the Western world, and recently enacted laws such as the European Union’s General Data Protection Regulation (GDPR), is driving the uptake of cyber insurance by Indian firms, with global exposure”, said Anup Dhingra, president of FINPRO and private equity M&A, Marsh.

Data Breaching Cases

When it comes to a data breach in the Indian context, the first thing we think of is Aadhaar. Aadhaar details of over 6.7 Mn users containing details such as names, addresses, and the numbers were leaked on Indane’s website. Prior to this, French cybersecurity expert Baptiste Robert (who goes by the pseudonym Elliot Alderson on Twitter) had uploaded website links containing the Aadhaar data of thousands of Indian citizens. And that’s just two examples among multiple leaks related to Aadhaar from state government bodies.

 Two security loopholes were discovered in Mumbai-based hyperlocal search engine Justdial’s database that was said to have exposed data from over 100 million users. Other Indian startups including Early Salary, restaurant discovery company Zomato, food-tech startup FreshMenu and Ixigo have also witnessed data breach cases.

Actions by Government

The Indian government is taking some steps on promoting data protection at a policy level. In July end, a high-level panel headed by Justice BN Srikrishna submitted its recommendations and the draft Personal Data Protection Bill 2018 to IT minister Ravi Shankar Prasad. Since then, the Indian government has faced a backlash from members of the business community and associations such as the Internet and Mobile Association of India, NASSCOM, and e-commerce companies like Amazon and Walmart over the provisions of the draft bill.

European Union

The European Union had also expressed reservations about the draft bills. “If implemented, this kind of provision would also likely hinder data transfers… contrary to what is sometimes suggested, India’s striving tech industry does not need this type of forced-localization measures,” wrote Bruno Gencarelli, head of the International Data Flows and Protection Unit at the European Commission (EC).

Countries such as Japan, Korea, and New Zealand have already passed data protection laws based on the principle of data localization. Meanwhile, in Latin America, Brazil passed its own law in August 2018, while Chile announced the setting up of an independent data protection authority.

Attacks in Covid-19 Period:

Cybersecurity attacks and breaches in the country may have jumped by as much as 500% since the lockdown was first announced in March, according to security experts. Anticipating a flurry of cyberattacks, telecom and the internet services providers have been on alert. Bharti Airtel recently upgraded its security operations center to a higher threat-level status for the next 5-7 days in the wake of cyberattacks.

Governments of nearly all nations are taking certain steps to ensure the privacy of their citizens. But, as technology is also developing day by day at a rapid pace, some experts always look forward to stealing data and use it for their favorable purposes. Commercial sites steal data to get an idea of the things the consumer will be interested in buying and likewise all other professional cyber experts use data for their own purposes. Certain software is available to stop this attack but mostly they also fail to serve the purpose. Hence, let us hope that we have a good system and a team of cyber experts for our nation which can help us out in protection from these kinds of attacks. 


Written By- Vaibhav Sharma

Edited By - Kashish Chadha