Cyber attacks on India is "minimum", but the government has taken a number of steps for protection of the Indian cyber-space with proper synergies with all monitoring agencies, IT minister Ravi Shankar Prasad said today (2).
As per the information reported to the Indian Computer Emergency Response Team (CERTIn), a total of 65 incidents involving ransomware were reported between 2014 and 2017 till June, he said in the Lok Sabha.
The details of the financial impact of these incidents is not reported to CERT-In, which provides technical support and remediation, he said during Question Hour.
Prasad said the government was very cognizant about the security of the cyber world and was taking pro-active steps for its protection.
"India is becoming a digital power. We have an elaborate system for cyber security. However, the cyber attacks on India is very minimum, but we are always alert," he said during Question Hour.
Terming the hackers as "digital fugitives", the minister said data protection was very crucial for any country as "data is new oil".
Prasad said various security agencies were working in close coordination for the protection of the cyber-space and the government has already constituted a 10-member committee, headed by former Supreme Court judge justice B N Srikrishna, to deliberate on a data protection framework for the country.
The panel will make specific suggestions to the government on the principles to be considered for data protection and also suggest a draft data protection bill.
Prasad also said the data related to Aadhaar was completely safe and its server was in India.
"Propagation of ransomware called WannaCry/WannaCrypt has been reported in many countries around the world including India since 12 May 2017. Propagation of another ransomware called Petya was also reported since 27 June 2017.
"34 incidents have been reported to CERT-In from organisations and individuals regarding infections of Wannacry and Petya ransomware," he said.
Prasad said operations of Jawaharlal Nehru Port Trust (JNPT) Mumbai were partially affected by the Petya ransomware and decryption tools for some of the ransomware are available which allows users to decrypt their unusable/encrypted files.
"With regards to WannaCry Ransomware, decryption tools have limited capability at present and hence have not been very successful. With regards to the new variant of Petya ransomware, there is no decryption tool publicly available.
For all ransomware attacks, data affected could be restored from a data backup, if available, thereby minimising the impact of these attacks," he said.
Damian Talbot