[Answered] Suggest some measures to control the increasing ransomware attacks in India.

Ransomware is a type of malicious software, used by cyber criminals, to infect a computer system by blocking access to the stored data by encrypting the files. A ransom is then demanded from the owner in exchange for the decryption key. CERT-In’s India Ransomware Report for the first half of 2022 said that there’s been a 51% year-on-year increase in ransomware incidents. A majority of attacks are on datacentres.

Measures to control the increasing ransomware attacks in India:

• A national cyber security strategy: This will be a guiding document to motivate and monitor the preparedness of cyber readiness of institutes and also enhance capacity on many fronts including forensics, accurate attribution and cooperation.
• Increased budget for cyber security measures: Significant budgets have to be allocated by various ministries to ensure cyber security measures.
• Capacity enhancement: The capacity enhancement for the National Critical Information Infrastructure Centre (NCIIPC) and CERT-In has to be undertaken to address the emerging sophisticated nature of threats and attacks. Further, sectoral CERTs have to be set up for many areas including health.
• International cooperation: This will help India to gain more knowledge and power. For this, India has to move beyond the Group of Governmental Experts (GGE) meetings and the US-led Counter Ransomware Initiative (CRI) of 37 countries and the European Union.
• Purpose limitation in collecting data by all regulated entities needs to be strictly enforced as sweeping in more data than required on flimsy pretexts increases risks manifold.
• Highly sensitive data such as biometrics are collected by different government organisations who may not all have high standards of cybersecurity. Collection of biometrics needs to be limited.
• Given data’s non-rivalrous quality, offering a regulator too much leeway protects a regulated entity at the expense of potential victims. So narrow down the discretion enjoyed by a regulator.

Proper cyber risk management should be followed. This includes not only preventing breaches but also placing guidelines regarding the process to be followed once there is a cyberattack. This will help minimise financially and mitigate reputational damage when a breach occurs.