Recent Surge in Cybersecurity Incidents Raises Alarms in India
In recent months, a worrying series of cybersecurity incidents has highlighted vulnerabilities affecting millions of users in India. Among the most severe breaches are those involving Bharat Sanchar Nigam Limited (BSNL) and Star Health and Allied Insurance Co. Ltd., both of which underscore significant shortcomings in the capacity of the country’s cybersecurity authorities to detect and respond to threats.
BSNL, a state-owned telecom giant, recently reported a major data breach that compromised an alarming amount of sensitive information, including customer IMSI numbers and SIM card details. The breach, flagged by digital risk management firm Athenian Technology, revealed that over 278 GB of data was accessed by a hacker who claimed to be selling the information for $5,000. This incident is the second breach for BSNL within six months, raising concerns about its security protocols and the potential implications for customers in terms of financial loss and data theft.
In a parallel incident, Angel One, a Mumbai-based stock brokerage firm, disclosed a breach affecting approximately 8 million customers. The compromised data, which included Personally Identifiable Information (PII) such as names and bank details, was reportedly linked to a prior incident dating back to April 2023 that had already been reported to authorities. The ongoing threat of data exposure was further emphasized as hackers exploited this loophole to gain unauthorized access to private information.
Additionally, the eMigrate Portal, a platform facilitated by the Ministry of External Affairs for Indian laborers seeking overseas employment, was also targeted. A hacker published extensive data from at least 200,000 registered users, revealing sensitive information such as passport details and contact data on a cybercrime forum. The Ministry’s response indicated ongoing investigations but did not clarify the breach’s origins. This negligence in safeguarding user data raises serious questions about the adequacy of the measures in place to protect personal information.
Numerous other organizations have experienced similar breaches, including Airtel, WazirX, Piramal Group, and Star Health. Airtel faced allegations of a data breach impacting over 375 million user records; the company categorically denied the reports of compromised data, despite significant public concern about potential exposure of sensitive information. Similarly, WazirX, India’s largest cryptocurrency exchange, was reportedly the victim of a sophisticated theft amounting to approximately $235 million in crypto assets, linked to the Lazarus Group, a notorious hacking collective associated with North Korea.
The significant data leaks have led organizations like the Internet Freedom Foundation (IFF) to call for increased accountability from cybersecurity authorities. Reports indicate key entities such as the Indian Computer Emergency Response Team (CERT-In) have faced challenges in fulfilling their mandate effectively, particularly following their exemption from the Right to Information Act in 2023. This has raised public concerns regarding transparency in the agency’s operations amidst escalating cybersecurity threats.
In terms of the MITRE ATT&CK framework, the activity observed in these incidents typically aligns with adversarial tactics and techniques such as initial access, exploitation of public-facing applications, and data theft. The breaches show methods ranging from social engineering to direct exploitation of vulnerabilities in system architecture. In the ever-evolving landscape of cyber threats, maintaining robust defensive measures has become imperative for organizations to mitigate risks.
The escalation of such incidents not only poses risks to individuals but also jeopardizes the reputation and operational integrity of the entities involved. As organizations implement various cybersecurity measures in response to these incidents, the urgent requirement for comprehensive and effective cybersecurity legislation becomes apparent. Business owners are urged to prioritize proactive cybersecurity strategies, fostering a culture of transparency and accountability to protect against the potentially devastating impacts of data breaches.