Cyber Incident Victim: Ministry of Electronics and Information Technology
Date: Sep 2020
Location: India
Summary
A malware attack compromised over 100 computers at India's National Informatics Centre and the Ministry of Electronics and Information Technology. It was triggered when an employee clicked a malicious attachment in an email purportedly originating from a Bengaluru-based IT firm and routed via a proxy server. The breach caused automatic data deletion in affected systems and exposed vulnerabilities in critical infrastructure handling sensitive information on high-ranking officials, though authorities stated media reports of widespread intrusion were unsubstantiated. The incident prompted an investigation by Delhi Police's Special Cell, with the NIC emphasizing that its cybersecurity systems detected the attempted breach during routine monitoring of unused accounts.
Description
In early September 2020, a malware attack compromised over 100 computers at India's National Informatics Centre (NIC) and the Ministry of Electronics and Information Technology. The incident began when an employee of the ministry received a malicious email appearing to originate from a Bengaluru-based IT company. When the official opened an attachment in this email, the system automatically deleted all stored data. Subsequent analysis revealed that a malware infection had spread to hundreds of computers across both organizations. The NIC, responsible for securing critical national cyber infrastructure, detected the breach through its security systems and reported the incident to Delhi Police's Special Cell, which registered a formal case. Forensic examination indicated the attack originated from a proxy server, though the specific threat actors remained unidentified at the time of reporting.

The compromised systems contained sensitive data related to national security and high-ranking government officials, including details about the Prime Minister and National Security Advisor. While initial media reports suggested widespread intrusion, Delhi Police clarified these claims were unsubstantiated and confirmed approximately 100 affected computers. The incident occurred amid broader concerns about cyber espionage targeting Indian political and military figures, with the government separately raising with Chinese officials the issue of alleged snooping by China-based companies. NIC maintained that its cybersecurity systems successfully detected the breach attempt, characterizing such intrusion efforts as routine in cyberspace. Ongoing investigations focused on tracing the attack's origins through the proxy server while assessing the full extent of data exposure from compromised systems.
