How did a DDoS attack cripple Kaveri 2.0?

Note4Students

From the UPSC perspective, the following things are important:

Mains level: Cyber attacks

Why in the News?

In January, the Kaveri 2.0 web portal, which helps with property registrations in Karnataka, experienced frequent server crashes. This caused a major disruption, bringing property registration and related citizen services to a near halt in the state.

What is a DDoS attack?

  • A DDoS (Distributed Denial of Service) attack is when a website or online service is flooded with too much traffic all at once, making it crash or slow down so that real users can’t access it.
  • Instead of coming from one source, the attack comes from many different computers or devices that have been taken over by attackers. These devices work together to send massive amounts of fake traffic to the target, overwhelming it and causing it to stop working.

What are other major DDoS attacks?

  • Dyn DDoS Attack (2016): The Dyn DDoS attack disrupted major websites including Twitter, Netflix, and Reddit. The attack used a botnet of IoT devices, such as cameras and routers, to flood Dyn’s servers with traffic, causing widespread outages.
  • GitHub DDoS Attack (2018): In 2018, GitHub was hit by one of the largest DDoS attacks in history, with traffic peaking at 1.35 terabits per second. The attack exploited memcached servers to amplify the traffic, overwhelming GitHub’s servers before mitigation efforts kicked in.
  • AWS DDoS Attack (2020): Amazon Web Services (AWS) faced a 2.3 Tbps DDoS attack in 2020, which was one of the largest publicly reported DDoS attacks. AWS mitigated the attack using its cloud infrastructure and security services like AWS Shield.
  • Cloudflare DDoS Attack (2021): In 2021, Cloudflare thwarted a 26 million request-per-second DDoS attack, one of the largest HTTPS DDoS attacks at the time. It was mitigated using Cloudflare’s advanced rate-limiting and traffic filtering technologies.
  • Microsoft Azure DDoS Attack (2023): Microsoft Azure faced one of the largest DDoS attacks ever recorded, peaking at 3.47 terabits per second. The attack, attributed to a botnet leveraging vulnerable devices, aimed to disrupt services for enterprise clients.

What are the steps taken by the Indian Government?

  • Cybersecurity Regulations and Policies: In 2025, new cybersecurity regulations were introduced to enhance the existing framework, including mandatory data localization and strengthened data protection laws. The National Cyber Security Policy, established in 2013, continues to guide these efforts by providing strategies for securing cyberspace and protecting critical information infrastructure.
  • Increased Budget Allocations: The Union Budget for 2025 allocated over ₹1,600 crore for cybersecurity initiatives, reflecting the government’s recognition of its importance for national security and economic stability. This includes significant funding for CERT-In and capital projects aimed at bolstering cybersecurity infrastructure across various sectors.
  • Formation of Cybersecurity Agencies: The establishment of agencies such as CERT-In (Computer Emergency Response Team) and NCIIPC (National Critical Information Infrastructure Protection Centre) has been crucial.
    • These agencies are responsible for monitoring cyber threats, coordinating responses, and enhancing the security of critical sectors like banking, telecommunications, and energy.
  • Skill Development Initiatives: To address the shortage of cybersecurity professionals, the government has launched skill development programs aimed at training a workforce of over 500,000 IT experts. This initiative is part of a broader strategy to create a resilient cyber ecosystem capable of responding to evolving threats.

How can such attacks be mitigated? (Way forward)

  • Traffic Filtering & AI-Based Detection: Uses firewalls, intrusion detection systems (IDS), and AI-based threat analysis to filter out malicious traffic before it reaches the target server.
    • Example: Google Cloud Armor helped mitigate a 46 million request-per-second (RPS) DDoS attack in 2022 by detecting abnormal traffic patterns and blocking them in real time.
  • Rate Limiting & Load Balancing: Restricts the number of requests a user can make in a given timeframe and distributes traffic across multiple servers to prevent overload.
    • Example: Cloudflare’s Rate Limiting and Load Balancer mitigated an HTTP flood attack on a European banking institution, ensuring legitimate users were not affected.
  • Bot Detection & CAPTCHAs: Uses CAPTCHA tests, behavioural analytics, and browser fingerprinting to block automated bot traffic.
    • Example: GitHub (2015 DDoS Attack by China-based botnet) introduced CAPTCHA-based protection to prevent automated malicious requests targeting anti-censorship tools.
  • CDN & Cloud-Based DDoS Protection: Content Delivery Networks (CDNs) and cloud-based security providers absorb attack traffic before it reaches the main infrastructure.
    • Example: Amazon AWS Shield protected against a 2.3 Tbps DDoS attack (2020) by leveraging global CDN distribution and real-time attack mitigation.
  • Incident Response Plan & Collaboration with Cybersecurity Agencies: Organizations monitor threats, conduct regular security audits, and coordinate with government agencies for rapid response.
    • Example: Kaveri 2.0 Attack (2024, Karnataka, India) led to a cybercrime investigation and strengthened security protocols after the portal faced 6.2 lakh malicious requests in two hours.
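As an added example (not code from the original article or from the Kaveri 2.0 portal), the per-client rate limiting described above, replayed over constructed web-server access-log lines: the budget of 5 requests per 10 seconds, the IP addresses and the log lines are all made-up values.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Matches a Common Log Format-style line: ip - - [timestamp] "request" status bytes
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)"')
TS_FMT = "%d/%b/%Y:%H:%M:%S"


class SlidingWindowLimiter:
    """Allow at most `limit` requests per client within any `window` seconds."""

    def __init__(self, limit, window):
        self.limit, self.window = limit, window
        self.hits = defaultdict(deque)  # client -> timestamps of allowed requests

    def allow(self, client, now):
        q = self.hits[client]
        while q and (now - q[0]).total_seconds() >= self.window:
            q.popleft()  # forget requests that have fallen out of the window
        if len(q) >= self.limit:
            return False  # over budget: a real front end would answer HTTP 429
        q.append(now)
        return True


def replay(lines, limit=5, window=10):
    """Replay access-log lines through the limiter.

    Returns {client_ip: (allowed, rejected)} so a defender can see which
    sources were throttled and how hard. Malformed lines are skipped.
    """
    limiter = SlidingWindowLimiter(limit, window)
    stats = defaultdict(lambda: [0, 0])
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(m["ts"].split()[0], TS_FMT)  # drop the "+0530" zone
        ok = limiter.allow(m["ip"], ts)
        stats[m["ip"]][0 if ok else 1] += 1
    return {ip: tuple(v) for ip, v in stats.items()}


# Constructed sample: 203.0.113.7 fires 8 requests in 8 s; 198.51.100.2 is a normal user.
SAMPLE_LOG = [
    f'203.0.113.7 - - [05/Feb/2025:10:00:0{i} +0530] "GET /search HTTP/1.1" 200 512'
    for i in range(8)
] + [
    '198.51.100.2 - - [05/Feb/2025:10:00:01 +0530] "GET /login HTTP/1.1" 200 1024',
    '198.51.100.2 - - [05/Feb/2025:10:00:15 +0530] "POST /login HTTP/1.1" 302 0',
]
```

Running `replay(SAMPLE_LOG)` throttles the burst to 5 allowed and 3 rejected while the normal user's 2 requests pass untouched, which is the property the page credits rate limiting with.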

Mains PYQ:

Q. Discuss the potential threats of Cyber attack and the security framework to prevent it. (UPSC IAS/2017)
