In 2023, the Central Bureau of Investigation (CBI) examined various cyber crimes that posed threats to national security. These incidents included a significant data breach at the Indian Council of Medical Research (ICMR) affecting 810 million individuals, a malware attack targeting a government ministry, and a distributed denial-of-service (DDoS) attack on airports and other critical infrastructure.
Additionally, the annual report for 2023-24 from the Department of Personnel and Training (DoPT), released recently, indicated that a vital defense unit was compromised by a ransomware attack. This type of attack restricts access to a computer system through malware until a ransom is paid.
The report highlights that the CBI’s investigations in 2023 encompassed intricate cyber crimes with implications for national security, including the ransomware incident at a key defense unit, the extensive data breach affecting millions of Indian citizens, the malware attack within a ministry, and the large-scale DDoS attack on essential infrastructure and airports across India. The report does not disclose the specific location of the defense unit impacted by the ransomware. Notably, India hosted the G-20 conference during the same year.
Cyber crime surge
In October 2023, the American cybersecurity and intelligence agency Resecurity issued a warning regarding a data breach at the Indian Council of Medical Research (ICMR). This breach reportedly exposed Aadhaar and passport details of 810 million Indians, including their names, phone numbers, and addresses.
The annual report for 2023 from the Indian Computer Emergency Response Team (CERT-In) revealed that a total of 1,592,917 security incidents were documented in the previous year, representing a significant increase from the 53,117 incidents recorded in 2017. These incidents encompassed various forms of cyber threats, including website intrusions, malware distribution, malicious code, phishing attempts, DDoS attacks, website defacements, unauthorized network scanning, ransomware attacks, data breaches, and vulnerabilities in services. CERT-In emphasized that corrective actions to address these incidents were recommended and executed in collaboration with pertinent stakeholders.
Attacks across borders
The report from the Department of Personnel and Training (DoPT) indicated that the Central Bureau of Investigation (CBI) had worked in conjunction with international agencies, including the Federal Bureau of Investigation (FBI), the Royal Canadian Mounted Police (RCMP), and the Singapore police, to identify and dismantle fraudulent call centre operations in India. The report noted that intelligence provided by the FBI was instrumental in uncovering a scheme involving $2 million in cryptocurrencies associated with a fraudulent tech support call centre that targeted U.S. citizens.
In spite of the strained diplomatic relations with Canada over the past year, the CBI, in partnership with the RCMP, successfully identified a call centre in Delhi that defrauded Canadian citizens, leading to the recovery of a substantial amount of cash and pertinent evidence. Furthermore, the CBI traced bitcoins from an Australian citizen to a wallet located in Delhi, revealing the international dimensions of cryptocurrency fraud in a case related to Australian tax evasion. Additionally, a significant crypto mining scam was discovered in India, which illicitly extracted ₹100 crore from Indian citizens.
The report emphasized the “wide range of cyber threats confronting the nation,” stating that the CBI investigated fraudulent investment and loan applications targeting Indian citizens from neighboring countries. Following a directive from the Reserve Bank of India (RBI), the CBI initiated a case concerning IMPS (Immediate Payment Service) fraud at UCO Bank, which involved reversed transactions across various banks, totaling an astonishing ₹820 crore.
Changing roles
Since 1999, the Central Bureau of Investigation (CBI) has served as the Union government’s appointed nodal agency for the investigation of computer-related crimes. However, on September 29, the Cabinet Secretariat revised the government’s Allocation of Business Rules, assigning the National Security Council Secretariat—under the purview of National Security Adviser Ajit Doval—as the agency responsible for providing comprehensive coordination and strategic direction in the realm of Cyber Security. Additionally, the Ministry of Electronics and Information Technology has been designated as the primary body for ensuring the security of telecommunications networks, while the Ministry of Home Affairs will oversee issues pertaining to cyber crimes.