Between December 9 and 12 at least 80,000 cyber attacks targeted Indian networks, showing why the government’s attempt to switch over to a digital economy may be fraught with risk. India’s information security architecture has not fully awakened to challenges of malicious warfare that could take down the financial systems.
According to top intelligence sources say that till November 28, they had observed an average 2 lakh threats and vulnerabilities per day. This increased to 5 lakh after the note ban and it further went up to 6 lakh threats by the first week of December. Although a majority of threats were neutralised before they could inflict any substantial damage, Legion, the group that compromised Twitter account of Rahul Gandhi and Vijay Mallya, claimed the banking networks were flawed and vulnerable to hacking.
Legion’s threat to bring the Indian banking system to its knees has worried the government, which recently ordered a 360 degree security audit of information infrastructure including financial networks.
Sources in the intelligence establishment said that apart from Legion, lesser-known groups like Suckfly, Lazarus, Odinaff and Danti were also launching cyber attacks on Indian targets after demonetisation forced people to switch to digital transactions.
The most lethal threat for the government is, however, from Legion, which claims to have accessed over 40,000 servers in India, clearly indicating that it can take down a vast number of websites and financial service.
In October 32 lakh debit cards issued by SBI, HDFC Bank, ICICI Bank, Axis Bank and Yes Bank were compromised in the largest-yet cyber attack on the Indian banking system.
An intelligence note reviewed by Express warns against the vulnerability of mobile phones.
According to the cyber security firm Kaspersky Lab, India is ranked seventh among the top 10 countries attacked by mobile malware. It said mobile banking Trojans like ZeuS are the most common malware used by the hackers to steal money from user accounts.