SkillSchool

Growing Cyber Threats & Need For Indian Cyber Security Workforce

The increasing adoption and integration of technology into our daily lives and the stupendous rise of the internet have provided mankind with unprecedented opportunities. From enabling easy access to information to transforming how individuals perform tasks and organizations operate, to the extensive network of interconnected devices, opportunities are abundant and social connections are easy. However, this digital transformation has also ushered in a danger akin to opening a Pandora’s box. The manifold technological growth has spurred the rise of cybercrime, threats and criminal activities that are equally dynamic and easily perpetrated through expansive networks and computer systems. Cybercrime is a global concern, and no country can evade the ever-growing challenge to security systems.

India is a significant player in the field of technology and one of the top 5 countries in critical technologies.

As the country runs the race of technological growth and rapidly embraces digital transformation, the impact of rising cyber threats and cybercrimes is inevitable. Technological advancements and digital technology may have brought about efficiency across industries, but they have also opened numerous avenues for cybercriminals to carry out threat activities and exploitation. The world today is in dire need of advanced cybersecurity measures and a highly proficient workforce capable of tackling the sophisticated challenges of the cyber realm.

Cybercrime is a grim reality impacting critical infrastructures, organizations and individuals across the globe. The Indian cyber threat landscape is no different from the rest of the world. The country is also challenged by the escalating rate and frequency of cyberattacks, and needs a multipronged approach to combat the ever-growing threat landscape. This article is a comprehensive analysis of the growing cybercrime in India, the roles of key players like CERT-In and RBI, and several other government initiatives and policies. We will begin with a statistical overview of cybercrime in India.


Increasing cyberattack cases in India: Statistical overview of cybercrime in India

India is a burgeoning economy and a technological hub, and it has increasingly become a potential target for cyber threat actors. In a new report of The Times of India, the country is projected to witness a whopping rise in cyberattacks of up to 1 trillion by 2033, with an estimated surge of 17 trillion by 2047. The country ranked third at the global level in cyberattack incidents. Cybersecurity experts are urging stronger measures and a robust national security strategy, recognizing the growing landscape of risks and threats caused by rapid digital expansion. The year 2023 alone saw over 79 million cyberattacks, 15 percent higher than the previous year, placing the country in the third rank of global cyberattacks. The numbers continued to escalate in 2024, with over 500 million cyber incidents occurring in as little as three months. According to the National Cybercrime Reporting Portal, Indians incurred a humongous loss of INR 1750 crore from 7.4 lakh complaints in the first four months of 2024 alone. These escalating and relentless attacks are glaring evidence of how cyber threats are growing in sophistication and persistence.

According to a report by the non-profit Prahar, the growing cybercrime in the country is not restricted to critical infrastructures or organizations alone. Cybercriminals are hacking giant institutions and manipulating citizens as the core component of the new attack mechanisms. Gaming and betting apps are also among the most vulnerable avenues. In India, two types of cyberattacks are reported to be in play. The first kind is the traditional attacker who targets system vulnerabilities for disruption and financial gain. The other type is a more insidious approach, targeting citizens through threats, coercion, or manipulation.

A well-planned national cybersecurity strategy is the need of the hour. When state-sponsored actors are also at play, there is no excuse for a country not to prioritize meeting these challenges. Breaches in major financial institutions, government databases and healthcare systems result not only in financial and reputational loss; the compromise of sensitive data also causes irreversible damage. Data breaches at the national UIDAI (Unique Identification Authority of India), exposing millions of records ranging from financial to personal information, are a serious threat that demands robust and sophisticated national-level cybersecurity measures.


A Statistical Overview of Cybercrime across the country

India hosts the world’s second-largest internet population, and the country has only just begun to set up a national-level security framework to protect its population. Cybercrimes, on the other hand, know no bounds and are evolving with the same sophistication and dynamism as emerging technologies. The most affected and vulnerable sectors include IT, Healthcare, Finance, and Manufacturing. The security breach at a government agency involving the Aadhaar system, India’s unique citizen identification, is perhaps an eye-opener for the country to get down to serious planning and policies. The year 2024 alone witnessed soaring costs of over two million USD owing to data breaches.

A bird’s eye view on the number of cybersecurity cases across the states in the country in the last three years (2020-2022)

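| Sl. No | State | 2020 | 2021 | 2022 |
|---|---|---|---|---|
| 1 | Andhra Pradesh | 1899 | 1875 | 2341 |
| 2 | Arunachal Pradesh | 30 | 47 | 14 |
| 3 | Assam | 3530 | 4846 | 1733 |
| 4 | Bihar | 1512 | 1413 | 1621 |
| 5 | Chhattisgarh | 297 | 352 | 439 |
| 6 | Goa | 40 | 36 | 90 |
| 7 | Gujarat | 1283 | 1536 | 1417 |
| 8 | Haryana | 656 | 622 | 681 |
| 9 | Himachal Pradesh | 98 | 70 | 77 |
| 10 | Jharkhand | 1204 | 953 | 967 |
| 11 | Karnataka | 10741 | 8136 | 12556 |
| 12 | Kerala | 426 | 626 | 773 |
| 13 | Madhya Pradesh | 699 | 589 | 826 |
| 14 | Maharashtra | 5496 | 5562 | 8249 |
| 15 | Manipur | 79 | 67 | 18 |
| 16 | Meghalaya | 142 | 107 | 75 |
| 17 | Mizoram | 13 | 30 | 1 |
| 18 | Nagaland | 8 | 8 | 4 |
| 19 | Odisha | 1931 | 2037 | 1983 |
| 20 | Punjab | 378 | 551 | 697 |
| 21 | Rajasthan | 1354 | 1504 | 1833 |
| 22 | Sikkim | 0 | 0 | 26 |
| 23 | Tamil Nadu | 782 | 1076 | 2082 |
| 24 | Telangana | 5024 | 10303 | 15297 |
| 25 | Tripura | 34 | 24 | 30 |
| 26 | Uttar Pradesh | 11097 | 8829 | 10117 |
| 27 | Uttarakhand | 243 | 718 | 559 |
| 28 | West Bengal | 712 | 513 | 401 |
| 29 | Andaman & Nicobar Islands | 5 | 8 | 28 |
| 30 | Chandigarh | 17 | 15 | 27 |
| 31 | D&N Haveli and Daman & Diu | 3 | 5 | 5 |
| 32 | Delhi | 168 | 356 | 685 |
| 33 | Jammu & Kashmir | 120 | 154 | 173 |
| 34 | Ladakh | 1 | 5 | 3 |
| 35 | Lakshadweep | 3 | 1 | 1 |
| 36 | Puducherry | 10 | 0 | 64 |
| | Total | 50035 | 52974 | 65893 |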

As reported by I4C India (India Cyber Crime Coordination Centre), the first four months of 2024 saw 63,00 reported cases of investment scams. This was followed by a further 20,000 scam reports within the same timeline. The country recorded an overall number of cyber cases amounting to 7,40,000. The state of Uttar Pradesh experienced 19 lakh fraud cases in a single year, with only 72,000 being reported. This huge gap between actual cases and reported cases underscores the need to ramp up awareness and reporting mechanisms and to improve the efficiency of cybercrime investigations.


Cost of data breach incurred by Indian businesses in 2023

A Cybersecurity Readiness survey in 2023 indicates a loss of between 1 and 9 million USD for 28 percent of the survey sample, which consisted of security, senior business, and tech executives, highlighting the dramatic surge of cybercrime in the past few years.

Indian Cybersecurity Market Value in 2023

The country's cybersecurity market was valued at USD 6 billion in 2023. The market has witnessed steady growth in the past five years, with significant support from the cybersecurity products segment. This massive growth in market value is also supported by initiatives prioritized by the Indian government as well as the private sector.

The Government of India's ‘Citizen Financial Fraud Reporting and Management System’ portal, under its I4C initiative, is recorded to have made significant progress in tackling financial fraud and saved over INR 1200 crore generated from over 4,7 lakh complaints. The Government of India also took a proactive step to mitigate and prevent fraudulent activities by blocking more than 3.2 lakh SIM cards and 49,00 IMEIs between January 1, 2023, and December 2023. To enable citizens to file online cyber complaints, a toll-free helpline number, 1930, has also been activated by the government.

Role of CERT-In and RBI in Cybersecurity

The Indian government has instituted several national-level policies, frameworks and initiatives to combat the escalating threat of cybercrime. CERT-In (Computer Emergency Response Team) is a cybersecurity response framework aimed at strengthening the country’s cyber defences, and it is now an integral component of the country’s cybersecurity infrastructure. The framework came into existence under the Information Technology (IT) Act, 2000. It was formally instituted through Section 70B of the IT Act, which gives the government the power to delegate a team with the responsibility of responding to cybersecurity incidents and safeguarding critical information infrastructure.

CERT-In is headed by a Director General, who is tasked with supervising the team’s operations. The team is governed by numerous definitions, and its core responsibility includes handling cybersecurity incidents. Incidents that compromise the CIA principles (Confidentiality, Integrity and Availability) come under its operative powers. CERT-In aims to protect critical information infrastructure and systems vital to the functioning of the economy and society.

Functions and Responsibilities of CERT-In

CERT-In is designated to perform a broad range of responsibilities to empower and improve the cyber resiliency of the country. The team’s tasks can be listed as follows:

  • Incident Response: Mitigate and control damage by providing timely responses in the event of a cybersecurity incident
  • Prediction and Prevention: Detect vulnerabilities and potential threats to intercept incidents before their occurrence
  • Analysis and Forensics: Conduct detailed investigations of cybersecurity incidents to have in-depth knowledge and understanding of the nature and impact
  • Information Security Assurance: Conduct audits and assessments to fortify information systems security
  • Training and Awareness: Disseminate and educate about best practices and emerging trends of cybersecurity to various stakeholders.

CERT-In is also tasked with a critical role of collaborating with emergency response teams of other countries aimed at enhancing cybersecurity measures at the global scale. Their functions on the international front include the following:

  • Information Sharing: They are responsible for the exchange of information concerning emerging threats, malware and vulnerabilities. This task aids in the identification of global cyber trends and threat dynamics and in developing combat mechanisms and strategies.
  • Collaborative Incident Response: Work with CERT teams from other countries in cases of cyber incidents that extend beyond borders. The activities may range from joint investigation and resource sharing to executing a concerted response to minimize impacts.
  • Capacity Building: Engaging in activities that involve sharing of expertise and best practices towards capacity building with teams from other countries. The activities are carried out by conducting collaborative research, training programs and workshops. The projected impact of such activities is to enhance the cybersecurity framework at the regional and national levels.
  • Active Participation in International Forums: Taking part actively in regional and global forums like GFCE (Global Forum on Cyber Expertise) and AMCC (ASEAN Ministerial Conference on Cybersecurity) that allow collaborative efforts of various nations and the exchange of information and ideas to better combat the menace of cyber threats.
  • Bilateral and Multilateral Agreements: CERT-In is responsible for engaging in agreements at different levels, bilateral or multilateral, which are aimed at facilitating cooperation among nations. Such agreements typically outline collaborative frameworks like mutual assistance, joint exercises and information sharing.
  • Conduct Awareness and Training Programs: Collaborates with other countries, and helps them develop their potential and strength in countering cybersecurity threats, by conducting training programs and awareness campaigns.
  • Incident Reporting and Alerts: CERT-In acts as the liaison for disseminating and receiving information on threats and vulnerabilities from international sources. This task is aimed at helping Indian stakeholders stay updated and informed about the global issues and scenarios of cybersecurity.

CERT-In Roles in Collaborating with Stakeholders

The roles CERT-In plays in collaborating with stakeholders include:

  • Sectoral CERTS: Specialized teams minding specific sectors
  • Intermediaries: Entities that make data exchange and communication easy
  • Internet Registries and Domain Registrars: working with entities managing domain names and IP addresses
  • Industry and Academia: Working on cybersecurity research and development to work together with educational institutions and businesses
  • Law Enforcement Agencies: Addressing cybercrime and improving security measures.

CERT-In is a critical component of India’s cybersecurity framework policy today, mitigating risks and responding to cyber incidents effectively. The proactive measures and concerted efforts of CERT-In will continue to be vital for India’s digital infrastructure.


RBI’s Role in India’s Cybersecurity Landscape

RBI is another leading entity enforcing stringent measures to provide financial security in the face of rapidly growing frauds and scams that use sophisticated technologies.

The Reserve Bank of India, which is also the regulatory body of the Indian banking system, issues cybersecurity guidelines for financial institutions. The Cybersecurity Framework was released on June 2, 2016, wherein scheduled commercial banks, including foreign, nationalised and private banks listed under the Schedule of the RBI Act, 1934, are mandated to proactively create and modify procedures, policies and technologies contingent upon new security developments and concerns. Highlighting the growing adoption of information technology, and technology becoming an integral part of the operational strategies of banks, the RBI foregrounds the necessity of a board-approved policy for cybersecurity.

The RBI calls for the urgent implementation of a robust cybersecurity and resiliency framework that will enable banks to maintain cybersecurity preparedness continuously. The circular demands that banks implement a cyber crisis management plan to address the complete cycle of detection, response, containment and recovery. The RBI Cybersecurity Framework is aimed at enabling banks to formalize and adopt cybersecurity policies and to plan for crisis management. The framework also requires banks to share information on cybersecurity incidents with the RBI to allow the development and structuring of proactive identification and mitigation of threats.

As a regulatory body, the RBI plays a vital role in ensuring security across the financial sector in India. The guidelines issued by the RBI are not just regulatory requirements, but they serve as the pillars offering stability and integrity of the country’s financial infrastructure. The guidelines include an introductory framework and guidance coupled with three annexes:

  • A set of cybersecurity baseline and resilience requirements
  • Information on the Implementation and operation of a cybersecurity operation centre (C-SOC) in the bank
  • Cyber Incidents reporting template to be shared with the RBI

The RBI framework thus emphasizes the above three areas: Cybersecurity and resilience, Cybersecurity Operations Centre (C-SOC) and Cybersecurity Incident reporting (CSIR). The framework outlined by the RBI widely covers the following domains and is governed by this set of regulations:

Annexe 1 – Baseline Cybersecurity and Resilience Requirements:

  • Inventory Management of Business IT Assets
  • Preventing the execution of unauthorized software
  • Application Security Life Cycle (ASLC)
  • Patch/Vulnerability & Change Management
  • Vendor Risk Management
  • Removable Media
  • Maintenance, Monitoring, and Analysis of Audit Logs
  • Audit Log settings
  • Metrics
  • Forensics
  • Environmental Controls
  • Network Management and Security
  • User Access Control / Management
  • Authentication Framework for Customers
  • Advanced Real-time Threat Defence and Management
  • Anti-Phishing
  • Vulnerability assessment and Penetration Test and Red Team Exercises
  • Incident Response & Management
  • User / Employee / Management Awareness
  • Customer Education and Awareness
  • Secure Configuration
  • Secure mail and messaging systems
  • Data Leak Prevention Strategy
  • Risk-based transaction monitoring

Annexe 2 – Cybersecurity Operation Centre (C-SOC): C-SOC Functional Requirements

  • Governance Requirements
  • People Requirements
  • Process Requirements
  • Integration Requirements
  • Technology Requirements

Annexe 3 – Cybersecurity Incident Reporting (CSIR):

  • Template for reporting Cyber Incidents
  • Cybersecurity Incident Reporting (CSIR) Form

Indian Government Initiatives and Policies

Recognizing the urgent need to secure the country’s critical infrastructures and its digital and technological expanse, the government of India has been taking proactive measures. Numerous initiatives and policies have been launched and implemented to combat the growing cyber threat and to strengthen and enhance the country’s cybersecurity. The key policies include:

  • National Cyber Security Policy (2013)
  • The Information Technology Act (2000)
  • Digital Personal Data Protection Act (2023)
  • Indian Cybercrime Coordination Centre (I4C)
  • Indian Computer Emergency Response Team (CERT-In)
  • National Critical Information Infrastructure Protection Centre (NCIIPC)
  • Cyber Surakshit Bharat Initiative
  • Cyber Swachhta Kendra

Conclusion:

No country is immune to cyberattacks. A strong workforce specialized in cybersecurity is a fundamental requirement in today’s tech-driven era. A cybersecurity-oriented workforce could not be more critical for India, which is home to the world’s second-largest population of internet users. The increasing sophistication of cybercriminals must be met with a highly skilled workforce that can combat this growing menace and protect and defend against it.