cyber security
Image Credit source: Pexels
Government organizations and PSUs will have to strengthen their data security network, if they fail to do so, they may have to pay a fine of up to Rs 500 crore in case of cyber security breach.
Data Protection Bill Data breach after the enactment of (Data Breach) It can also be expensive for government organizations and PSUs. They have to strengthen their data security network, if they fail to do so, they will face cyber security breach. (Cyber Security Breach) 500 crore may have to be paid in the case of This particular provision in the draft bill comes in the wake of recent reports of massive data breaches by government entities like AIIMS and IRCTC. However, these breaches were caused by external hacking.
Government institutions did not get exemption
Minister of State for Electronics and IT Rajeev Chandrasekhar Recently told Financial Express that the draft bill does not give any exemption to government entities for data breach. Sensitive personal data of around 30 million IRCTC users was reportedly available for sale on the dark web. The leaked data, which included details such as email, cellphone number, address, age and gender, was posted on a dark web hacker forum for sale at $400 per copy.
IRCTC refused
IRCTC denied that the breached data was retrieved from its servers. Yet it notified CERT-In about the possible leak, as required by the current IT Act. This is not the first instance of an alleged data breach on IRCTC. There were reports of similar data breaches by the organization in 2016 and 2020. In both these cases, sensitive data of passengers was allegedly posted on the dark web for sale. However, in both these cases IRCTC denied any such violation.
There was a cyber attack on AIIMS as well
Recently, a cyber security attack on country’s premier hospital, AIIMS in Delhi destroyed around 100 critical servers. The cyber attack on AIIMS Delhi shut down the server for ransom and private data of lakhs of patients was compromised. The hackers allegedly demanded a ransom of up to Rs 200 crore in exchange for giving back the server control. AIIMS had said in a statement last month that the attack was carried out by Chinese hackers. In recent times, hackers are increasingly targeting PSUs and the government.
Most cyber attacks in these countries including India
Data collected by cyber security firm CloudSEK shows that the number of attacks targeting the government sector has increased by 95 per cent in the second half of 2022 as compared to the same period in 2021. India, US, Indonesia and China remained the most targeted countries in the last two years. These four countries together accounted for about 40 per cent of the total reported incidents in the government sector, CloudSEK said in a report on Thursday. Although the primary objective of most of these hackers is to extract data and sell it for monetary gains, CloudSEK said that hacktivist groups have been more active in 2022.
