Ransomware attacks on Indian IT: New concern

Ransomware attacks on Indian IT: New concern


Ransomware attacks have emerged as a significant cause for concern in the Indian IT sector. The recent incident involving HCL Technologies, a prominent IT services provider, highlights the potential threats faced by these organizations.


GS – 3 (Cyber Security, Cyber Warfare, Challenges to Internal Security)


LockBit Ransomware, Cyber Attack, Cyber-crime, Crypto virus, Cyber Surakshit Bharat, Cyber Swachhta Kendra.

Mains Question:

What components constitute cybersecurity? Considering the challenges in this domain, assess the effectiveness of India’s efforts in formulating a comprehensive National Cyber Security Strategy. (250 words)

Dimensions of the Article:

  • Cyber Security
  • Critical Information Infrastructure (CII)
  • Anatomy of the HCL Tech Ransomware Attack
  • Rising Trend of Ransomware Attacks on Indian IT Firms
  • Why IT Organizations Are Prime Targets
  • Other Instances of Ransomware Attacks on Indian Organizations
  • Government Initiatives Related to Cyber Security

Cyber Security:

  • Cybersecurity, also known as information technology security, entails the application of techniques to safeguard computers, networks, programs, and data from unauthorized access or malicious attacks.
  • The primary objective is to prevent the exploitation of cyber-physical systems and protect critical information infrastructure.

Critical Information Infrastructure (CII):

  • As per Section 70(1) of the Information Technology Act, Critical Information Infrastructure (CII) is characterized as a “computer resource, the incapacitation or destruction of which, shall have a debilitating impact on national security, economy, public health, or safety.”

Anatomy of the HCL Tech Ransomware Attack:

  • In its quarterly report on 20th December, HCL Technologies disclosed a ransomware incident within a confined cloud environment. Although the overall network was reportedly unaffected, the incident had repercussions on the company’s standing in the stock market, leading to a decline in share prices.
  • Despite being a leading software solution provider in India, HCL Tech refrained from divulging specific details of the attack, emphasizing the importance of cybersecurity and data protection.

Rising Trend of Ransomware Attacks on Indian IT Firms:

  • Recent studies, including a 2023 report by cybersecurity company Sophos, indicate a worrying trend.
  • The study reveals that 73% of Indian organizations fell victim to ransomware attacks, marking a significant increase from the previous year. Of these, 77% reported successful encryption of their data, with 44% opting to pay the ransom.
  • Notably, companies that chose to pay experienced doubled recovery costs compared to those relying on backups.
  • The Computer Emergency Response Team of India (CERT-In) further substantiates these findings, reporting a 51% surge in ransomware incidents in the first half of 2022.
  • The primary targets included data centers, IT, and TeS sectors, underlining the pervasive nature of these attacks.

Why IT Organizations Are Prime Targets:

  • Threat actors strategically target IT organizations due to the inherent value of the data they possess. These entities house sensitive information, such as intellectual property and personally identifiable data, making them lucrative targets.
  • The potential leak of such data could not only devalue the company but also pose threats to revenue streams. Moreover, IT organizations offering cloud security and data solutions become gateways to broader supply chain targeting, compelling companies to consider paying the ransom.
  • Additionally, the adoption of new technologies and open architecture by IT organizations makes them susceptible to cyberattacks. This vulnerability stems from the challenge of maintaining the highest levels of protection against evolving cyber threats.

Other Instances of Ransomware Attacks on Indian Organizations:

  • HCL Tech is not an isolated case. In November, a U.S.-based subsidiary of Infosys, Infosys McCamish Systems, faced a ransomware attack. Despite limited details, the incident underscored the pervasiveness of these cyber threats.
  • Earlier in the year, Sun Pharma, a prominent Indian drug manufacturer, encountered a cyberattack attributed to a ransomware group. The attack not only impacted the company’s revenue but also necessitated containment measures to mitigate the damage.
  • The All India Institute of Medical Sciences (AIIMS) also fell victim to a ransomware attack in November 2022. The hackers demanded ₹200 crores in cryptocurrency, causing significant disruption to the hospital’s operations.

Government Initiatives Related to Cyber Security:

  • Indian Cyber Crime Coordination Centre (I4C)
  • Indian Computer Emergency Response Team (CERT-In)
  • Cyber Surakshit Bharat
  • Cyber Swachhta Kendra
  • National Cyber security Coordination Centre (NCCC)
  • Cyber Insurance Policy
  • Kerala Govt’s Cyberdome Project

Way Forward:

The surge in ransomware attacks on Indian IT organizations demands a proactive response. Enhanced cybersecurity measures, comprehensive backup strategies, and increased awareness within these organizations are imperative. Collaborative efforts involving industry stakeholders, government bodies, and cybersecurity experts are necessary to develop robust defense mechanisms.