Context: How did a DDoS attack cripple Kaveri 2.0?

Source: The Hindu

The web-based service Kaveri 2.0, which simplifies Karnataka property registrations, had intermittent, debilitating system disruptions in January. After looking into the outage, the Revenue Department and E-Government Department came to the conclusion that a motivated Distributed Denial of Service (DDoS) attack on Kaveri 2.0, which was introduced in 2023 to improve land registration, was to blame rather than technical issues.

A DDoS attack is a malevolent attempt to overload a targeted service or network with excessive internet traffic in order to prevent it from operating normally. The collective term for these corrupted systems is a “botnet.” An interruption or possible loss of revenue may result from service outages that make services inaccessible. It can serve as a diversion while other cyberattacks, such data breaches, are being carried out. DDoS assaults can harm an organization’s reputation because partners and customers may doubt its capacity to defend against online threats.

Organizations use sophisticated traffic filtering techniques to differentiate between malicious and genuine traffic in order to defend against DDoS assaults. By using monitoring technologies, one can spot odd traffic patterns and take preventative measures. By limiting the number of requests, a user may submit in a specific amount of time, rate limiting can keep the system from becoming overloaded. Automated tools or bots can be recognized and blocked by bot detection technology like behavioural analysis and CAPTCHA challenges. Strong authentication procedures and frequent security audits can also improve online service security and stop unauthorized access. In order to help investigate attacks and find the culprits, organizations might also collaborate closely with cybersecurity agencies.

Major DDoS assaults in recent years:

1.Elon Musk owned X was targeted in August 2024.

2.Microsoft owned code repository GitHub was targeted by a China-based botnet in 2015

Model Question:

What are cyberattacks, and what are their various types? Discuss notable instances of cyberattacks in India and suggest measures to enhance cybersecurity.

Model Answer:

With increasing digital dependence, cyberattacks have become a major threat to national security, financial stability, and personal data protection. A cyberattack is an attempt by hackers to damage, disrupt, or gain unauthorized access to computer systems, networks, or data.

 

Types of Cyberattacks

1. Malware Attacks – Use of malicious software like viruses, worms, or ransomware.
2. Phishing Attacks – Deceptive emails or messages tricking users into revealing sensitive information.
3. Denial-of-Service (DoS) Attacks – Overloading a system to make it inaccessible.
4. Man-in-the-Middle (MitM) Attacks – Intercepting communication between two parties to steal data.
5. SQL Injection – Exploiting vulnerabilities in databases to gain unauthorized access.
6. Zero-Day Exploits – Attacks that exploit unknown software vulnerabilities before fixes are available.

Cyberattacks in India

1. 2010 Stuxnet Attack – First major cyberattacks targeting India’s nuclear facilities.
2. 2018 Cosmos Bank Attack – ₹94 crore stolen via malware targeting the bank’s ATM system.
3. 2020 Kudankulam Nuclear Plant Attack – Malware infiltration linked to North Korea’s Lazarus Group.
4. 2021 Air India Data Breach – Personal data of 4.5 million passengers leaked.
5. 2022 AIIMS Delhi Ransomware Attack – Hospital services disrupted for weeks.

Measures to Strengthen Cybersecurity

1. Strengthening Cyber Laws – Amendments to the IT Act, 2000, and new laws for emerging threats.
2. Developing Indigenous Cybersecurity Infrastructure – Reducing reliance on foreign tech.
3. Enhancing CERT-In Capabilities – More proactive monitoring and response to cyber threats.
4. Cyber Hygiene Awareness – Training citizens and government officials on digital safety.
5. Public-Private Collaboration – Industry partnerships to develop robust security frameworks.
6. International Cooperation – Working with global agencies for cyber intelligence sharing.

 

As India moves towards digitalization, strengthening cybersecurity is crucial to protect national security, economy, and citizens’ data. A multi-pronged approach combining legal, technological, and awareness-based strategies is necessary to combat cyber threats effectively.