INTRODUCTION: A NATIONAL SECURITY ALARM
In the aftermath of the Pahalgam terror attack and the corresponding CERT-In advisory under #OperationSindoor, a sharp warning has been issued—India’s digital backbone is under persistent threat. Distributed Denial-of-Service (DDoS) attacks have emerged as a preferred tactic to cripple critical online infrastructure across sectors such as banking, healthcare, energy, and governance. These attacks are no longer isolated or random; they are increasingly coordinated and politically motivated, aiming to disrupt essential public services and instill panic.
WHAT IS A DDoS ATTACK?
A Distributed Denial-of-Service (DDoS) attack occurs when attackers flood a website, server, or network with enormous volumes of fake or malicious traffic from multiple sources. The goal is to overwhelm system resources, making services unavailable to genuine users. Unlike hacking or data theft, DDoS does not steal information—it paralyzes operations. It is often used to:
- Disrupt government services
- Disable financial transactions
- Cripple emergency and health portals
- Deface websites to send political or ideological messages
REAL-LIFE EXAMPLES FROM INDIA
- Kaveri 2.0 Portal (Karnataka): In early 2024, the state’s property registration portal suffered a major outage due to a coordinated DDoS attack. Services came to a halt, disrupting legal and citizen transactions for days.
- Operation Sindoor Advisory (2025): Issued following a terror attack in Pahalgam, this alert exposed cyber activity targeting critical infrastructure like power grids and public health systems, especially through DDoS campaigns.
- Indian Government and Defence Websites: Multiple reports confirm attempts to deface or overwhelm official websites during times of heightened geopolitical tension, often traced to foreign hostile actors.
WHY CRITICAL SECTORS ARE VULNERABLE
- Healthcare: Delays in patient care, exposure of sensitive data.
- Banking and Finance: Disruption of online banking, UPI services, ATMs.
- Power and Energy: Grid instability or blackouts during attacks.
- Public Governance: Halted services like land registration, tax filing, or welfare transfers.
- Education and Examinations: Exam portals or university websites rendered non-functional.
Because these essential services depend on internet infrastructure, they are easy targets unless protected by up-to-date security protocols.
WHAT IS BEING DONE IN INDIA
- CERT-In (Indian Computer Emergency Response Team) Actions:
  - Urging real-time monitoring and log retention
  - Mandating incident reporting within six hours
  - Advising network audits and patching of vulnerabilities
  - Coordinating advisories with critical sector operators
- Legal and Regulatory Framework:
  - IT Act, 2000: Identifies DDoS as a punishable offence
  - CERT-In 2013 and 2022 Rules: Mandate cyber hygiene and reporting
  - SPDI Rules, 2011: Impose reasonable security obligations on companies handling sensitive data
- Sectoral Laws:
  - RBI: Mandatory cyber audits for banks
  - SEBI: Prescribes ISO standards for exchanges
  - DoT: Requires telecom companies to report intrusions
  - NCIIPC: Oversees cybersecurity of Critical Information Infrastructure (CII)
- Institutional Measures:
  - National Cyber Security Coordinator (NCSC) under PMO: Strategic oversight
  - Indian Cyber Crime Coordination Centre (I4C): National cybercrime response
  - MeitY: Nodal policymaking body for cyber laws and digital safety
WHAT MORE NEEDS TO BE DONE
- AI-Enabled Detection Systems: Early warning and traffic pattern analysis.
- Mandatory Security Audits for Critical Infrastructure: Including state-level e-governance services.
- Stronger International Cooperation: Especially for tracing botnets and foreign attacks.
- Public Awareness and Institutional Training: Cyber drills, employee education, and safe browsing practices.
- Modernisation of the IT Act: To address emerging attack vectors and accountability in cloud environments.
- Cyber Insurance Framework: To protect financial institutions and key service providers from losses.
CONCLUSION
India’s digital ambitions must be matched with robust digital defences. DDoS attacks are no longer a technical nuisance—they represent a strategic threat to national security and economic stability. A comprehensive, legally grounded, and technologically sound approach is critical to fortify the nation against this silent form of digital warfare.