We regularly warn of impending threats, says Sanjay Bahl, DG, CERT-In

A Covid positive person could infect three or four persons, but a malware-infected cyber system can infect several times more. And “the global loss can be trillions of dollars,” warns India’s topmost cyber-warrior, Sanjay Bahl, who is director-general of the Indian Computer Emergency Response Team (CERT-In). Seated in his simple office in the Union ministry of electronics and information technology, Bahl said that last year alone India “battled more than 11 lakh cyberattacks, till October 15, 2021”.

With power, telecom, defence, finance, and health sectors facing ransomware attacks, CERT-In now trains users on defensive techniques, based on a new framework created by MITRE of the US and funded by the National Security Agency (NSA). As he was global chief security officer of Tata Consultancy Services and national security officer of Microsoft, Bahl knows well the threats faced by the private sector, too.

Excerpts from an exclusive interview:

Q/ How many incidents of cyber breaches were reported this year?

A/ In 2020, around 11.5 lakh incidents were tracked and reported. Last year, more than 11 lakh incidents were tracked and reported (as of October 15, 2021).

There are various kinds of threats ranging from state actors, cybercriminals and hackers, followed by threats from someone working inside financial institutions or other elements who went rogue.

Covid had a strike rate of three to four, when an infected person came in contact with others. An infected system will have a higher strike rate, due to the interconnected society that we live in.

CERT-In handles incident response, mitigation, and containment, and carries out drills and simulations. Training chief information security officers and network system administrators has been a major focus area for us. We have also been consistently sensitising users on the need to follow best practices. Keeping in mind the fast-changing cybersecurity threat landscape, we are constantly improvising.

Q/ How is CERT-In building capability in cyberthreat intelligence?

A/ The CERT-In threat intelligence exchange platform is based on Structured Threat Information Expression (STIX) and Trusted Automated Exchange of…