The Indian Computer Emergency Response Team has received and tracked more than 12.67 lakh cyber security incidents, Minister of State for Electronics and IT Rajeev Chandrasekhar informed Parliament on Wednesday.
The corresponding number of such incidents in 2018 was 2,08,456 which increased to 3,94,499 in 2019, to 11,58,208 in 2020 and 14,02,809 in 2021, Minister of State for Electronics and IT Rajeev Chandrasekhar told the Lok Sabha in a written reply.
He said that with the borderless cyberspace coupled with anonymity, along with the rapid growth of the Internet, the rise in cyber attacks and cyber security incidents is a global phenomenon and the government is fully cognisant and aware of various cyber security threats. The Indian Computer Emergency Response Team (CERT-In) is mandated to track and monitor cyber security incidents in India. In the recently notified cyber security direction, CERT-In has now made it mandatory for all incidents to be mandatorily reported to it.
The minister said that CERT-In operates an automated cyber threat exchange platform for proactively collecting, analysing and sharing tailored alerts with organisations across sectors for proactive threat mitigation actions by them. According to the analysis by CERT-In, the Internet Protocol (IP) addresses of the computers from where the attacks appear to have originated from a number of countries.
The reply further said that the government has published National Cyber Security Policy 2013 with the vision of building a secure and resilient cyberspace for citizens, businesses, and government, and the mission of protecting information and information infrastructure in cyberspace, building capabilities to prevent and respond to cyber threats, reducing vulnerabilities and minimising damage from cyber incidents, through a combination of institutional structures, people, processes, technology and cooperation.
Further, the Ministry of Home Affairs has issued National Information Security Policy and Guidelines to the Central Ministries, state governments, and Union Territories to prevent information security breaches and cyber intrusions in the information and communication technology infrastructure.