Covid vaccine study to Oil India: Targets under cyber attack

From Covid vaccine research centres to banking and financial entities to PSU major Oil India Limited — a range of institutions came under cyber attack during the two years of the pandemic, Lt General (Dr) Rajesh Pant, the country’s top cybersecurity coordinator, has told The Indian Express.

While these attacks were “successfully thwarted,” said Lt Gen Pant, these have underlined the need for constant vigil and global cooperation.

Last week, Lok Sabha was told there have been 674,021 cyber attacks in the country this year until June — almost 3,700 cyber attacks a day, making India the third most impacted by network attacks in the world.

Expanding on this, Lt General Pant, the National Cyber Security Coordinator at the National Security Council Secretariat (NSCS), said that health and banking were among the sectors hit hardest.

Lt Gen Pant said the April 2022 attack on Oil India in Assam was one of the “most serious” incidents of ransomware attacks. “There were over 200 computers of Oil India that got encrypted during the attack and operations of Oil India came to a halt for almost a week.”

A ransom of Rs 120 crore was demanded, in Bitcoins, from Oil India, with a threat of it being doubled. There was no negotiation or payment, said Lt Gen Pant.

Lt General (Dr) Rajesh Pant

The PSU resumed its operations by switching to another software and also hiring a US cybersecurity firm to help put operations back on track.

There has been a huge upswing in malware attacks and among the targets were at least half a dozen incidents when Covid vaccine research centres and institutions doing academic studies on immunization were targeted.

Incidentally, in UK and Germany, too, vaccine research and distribution centres came under sustained cyber threats.

In the banking and financial sectors, the past three months have seen several malware and ransomware attacks, Lt Gen Pant said, both in private and co-operative banks.

While he declined to identify these banks, he confirmed that the attacks have were “neutralized” and were logged in as “cyber security incidents” with CERT-IN (Indian Computer Emergency Response Team.) Last year’s figures for such incidents were…