Cyber threats

Story hook

It is 12 May 2017. 2:30 PM IST. Computers across India's West Bengal State Electricity Distribution Co., Andhra Pradesh Police, Bharti Airtel, and multiple SMEs suddenly display a red lock screen: "Your files have been encrypted." WannaCry ransomware, exploiting a Microsoft SMB vulnerability (MS17-010, EternalBlue) leaked from NSA by ShadowBrokers in April 2017, sweeps through 200,000+ systems in 150 countries within 72 hours. India ranked 3rd most affected globally.

Six months later — 27 June 2017. NotPetya wipes out operations at Maersk Mumbai terminal (along with global ports), Reckitt Benckiser India, Nivea. NotPetya disguises itself as ransomware but destroys data permanently — a wiper, not ransomware. Attribution: Russian GRU's Sandworm group.

These twin 2017 incidents were the wake-up. CERT-In's incident volume: 5.42 lakh in 2020 → 14.32 lakh in 2023 — 2.6x in three years. Ransomware specifically rose 51% in 2022 alone. Sophos State of Ransomware 2024 report: 65% of surveyed Indian organisations hit by ransomware in last 12 months; average ransom demand $1.18 million.

The AIIMS Delhi attack (Nov 2022), Power Grid attack (Mumbai 2020) linked to Chinese RedEcho, the CoWIN data leak claims (2023), and the persistent Pakistani Transparent Tribe APT (operational since 2013) all sit on this threat landscape. CERT-In's 28 April 2022 mandatory directions are India's operational response. National Cyber Security Strategy 2023 draft proposes Rs. 25,000 cr 5-year ramp-up.

For UPSC, the threat taxonomy — ransomware + DDoS + APTs + phishing + supply chain + zero-days + insider threats — is the vocabulary base every cyber-security answer needs. Without it, Mains essays look generic.

Why this matters for UPSC

Asked in Mains 2020, 2021, 2023 — typically "discuss cyber threats to India / India's response". Prelims tests CERT-In, ransomware incidents, APT terminology. Interview boards probe AIIMS attack, Mumbai 2020, India's offensive cyber capabilities. Foundational to all cyber Mains answers.