In recent years, particularly following the COVID-19 pandemic, countries worldwide, including those in the Quadrilateral Security Dialogue (Quad; India, the US, Australia, and Japan), have embraced digital technologies and digitalisation at an accelerated pace. Amid rapid digitisation, work-from-home interactions, online consultations for various services, especially healthcare and medical delivery systems, and online education (edtech) opportunities have become more acceptable and accessible.
Notably, internet penetration in India and the broader Asia-Pacific region was underway long before the onset of the pandemic. Indeed, even before the pandemic forced greater digitisation worldwide, the Asia-Pacific region had the highest number of internet users. However, Europe and the Americas had better overall internet penetration rates.
Figure 1: Digital Trends in the Asia Pacific (2019 and 2021)
The number of internet users in the broader Asia-Pacific reached over 2.6 billion in 2022, with China and India contributing about half of this number. Many users in the region are young and rely on mobile phones to access the internet; the number of mobile internet users increased from 1,090 million in 2019 to 1,290 million in 2022. Amid this expansive access and the growth of edtech, e-commerce, and fintech services (both before and due to the pandemic), the embrace of digital technologies will only likely expand. However, despite this growth in digital technologies, many countries are yet to institute effective cybersecurity measures to counter loopholes and vulnerabilities that have risen therein. The spike in the number of cybersecurity incidents, including on critical infrastructure (for instance, in the Quad countries), highlights the need to build cyber resilience to avoid such incidents. As the number of internet users grows, this problem will only intensify. As such, the Quad countries—particularly India, which is poised to lead the growth in internet users and currently has poor cybersecurity and weak cyber hygiene practices—must address cyber vulnerabilities to build resilience through a concerted cyber security agenda.
Cyber Security Incidents in India
In October 2023, media reports indicated that American cybersecurity firm Resecurity had discovered cybersecurity breaches that resulted in the personal information of over 800 million Indian citizens being sold on the dark web. The cybersecurity firm’s human intelligence division, HUNTER, stated that the perpetrators of the cyberattack were “willing to sell [the] entire Aadhaar and Indian passport database for $80,000.” Earlier, in November 2022, a cyberattack on the All India Institute of Medical Sciences (AIIMS) in New Delhi, a premier medical institution, impacted the hospital’s outpatient and inpatient digital services (billing, report generation, and appointment scheduling). The incident appeared to have been a ransomware attack, where the criminals who hacked into the system were reportedly asking for a ransom payment. The culprits allegedly accessed about 40 million patient profiles, including sensitive data and medical records. This likely also included the data of senior government officials who consulted AIIMS for treatment. Ransomware attacks involve perpetrators sending malicious software to obtain illegal access to the victim’s data, locking it down, and demanding a ransom not to release it. In 2022, India saw a 53 percent increase in reported ransomware incidents compared to the previous year. In another incident in November 2022, Central Depository Services (India) Limited noticed malware in some of its internal systems but ruled out any potential data breach
The number of cyberattacks targeting the Indian health sector has risen in recent years. CloudSEK, an AI company that monitors cyber threats, noted in an August 2022 report that, in 2021, the Indian healthcare sector saw the second highest number of attacks after the US; India experienced 7.7 percent of all attacks on the healthcare industry worldwide and 29.7 percent of all attacks in the Asia-Pacific region. The report also noted that “the number of cyberattacks against the healthcare industry [worldwide] has increased by 95.34% in the first 4 months of 2022 as compared to the number of cyberattacks in 2021 during the same period.” Indeed, in recent years, major tech companies like Cisco India, CrowdStrike, Cyware and Sophos India have cautioned the country on potential spikes in the number of cyberattacks directed at the healthcare industry. Similarly, Cyfirma, a Singapore-based Goldman Sachs-backed cyber intelligence firm, reported in March 2021 that a Chinese state-backed hacking group, APT-10 (also known as Stone Panda), was targeting IT systems of major Indian COVID-19 vaccine developers such as Bharat Biotech and the Serum Institute of India. Cyfirma also stated that major Indian pharmaceutical companies such as the Serum Institute, Bharat Biotech, Dr Reddy’s Labs, and Abbot India were coming under cyberattacks by hackers based in Russia, China, and North Korea. The objective behind these attacks had been to get hold of critical vaccine research and trial data to gain a “competitive advantage over Indian pharmaceutical companies.” The company detected 15 hacking campaigns—seven from Russia, four from China, three from North Korea, and one from Iran.
