The Ministry of Electronics and Information Technology (MeitY) has asked Indian companies to report “any and all major cybersecurity” incidents to the Computer Emergency Response Team (CERT-In) team every week. According to a report by The Indian Express, the Centre has ramped up its cyber-security vigil after the frequency of such attacks increased over the last one year.
Top officials in the government said the IT Ministry and its nodal body on cybersecurity, CERT-In, have conducted meetings with critical companies in the vaccine, logistics, pharmaceutical and power sectors and assisted them in shoring up their defence.
The exercise was initiated towards the end of last year over triggers like rising potential cyber threats from countries like China, Russia and Uzbekistan, according to the executive.
Following the attacks on Dr Reddy’s Laboratories and Lupin in October and November last year, pharmaceuticals and healthcare companies have been on high alert. The number of cyber threats against vaccine makers, especially, has exponentially risen in the last six months alone, the report said.
Towards the end of February, Goldman Sachs-backed cyber intelligence firm Cyfirma had said a Chinese hacker group known as Stone Panda had “identified gaps and vulnerabilities in the IT infrastructure and supply chain software of Bharat Biotech and the Serum Institute of India,” according to a Reuters report.
A new study has also revealed that computer networks of at least 12 Indian state-run organisations, primarily power utilities and load dispatch centres, have been targeted by Chinese state-sponsored groups since mid-2020 in an attempt to inject malware that could cause widespread disruptions.
According to the study by Recorded Future, a US-based company that monitors the use of the internet by state actors for cyber-campaigns, NTPC Limited, the country’s largest power conglomerate, five primary regional load dispatch centres that aid in the management of the national power grid by balancing electricity supply and demand, and two ports were among the organisations attacked.
Microsoft said in November that it had detected cyber attacks from Russia and North Korea targeting COVID-19 vaccine companies in India, Canada, France, South Korea and the United States. North Korean hackers also tried to break into the systems of British drugmaker AstraZeneca, Reuters has reported.