Cyber Security Threats — Current Affairs 2026

The All India Institute of Medical Sciences (AIIMS) in Delhi suffered a major ransomware attack that crippled its digital services for nearly two weeks. This incident highlighted the extreme vulnerability of critical healthcare infrastructure to cyber threats, leading to manual operations, patient data compromise concerns, and significant disruption to medical services. It underscored the need for robust cyber defenses, incident response plans, and data backup strategies in vital public institutions. The attack prompted a high-level investigation and raised questions about India's preparedness against sophisticated cyber warfare.

UPSC Angle: Impact of cyberattacks on critical infrastructure (healthcare), national security implications, institutional response mechanisms (CERT-In, NCIIPC), and the need for a comprehensive National Cyber Security Strategy. Relevant for GS-III Internal Security and GS-II Governance.

The Indian Computer Emergency Response Team (CERT-In) regularly issues advisories on critical vulnerabilities in widely used software and operating systems. In January 2024, a high-severity alert was issued for multiple vulnerabilities in Google Chrome and Android, which could allow attackers to execute arbitrary code, bypass security restrictions, or gain unauthorized access. Such advisories are crucial for informing users and organizations about potential threats and urging them to apply necessary patches and updates to mitigate risks, showcasing CERT-In's proactive role in national cyber defense.

UPSC Angle: Role and functions of CERT-In, importance of cyber hygiene and vulnerability management, impact of software vulnerabilities on individual and national security, and the continuous nature of cyber threat landscape. Relevant for GS-III Internal Security and Science & Technology.

In December 2023, reports surfaced regarding a potential large-scale data breach affecting the Indian Railway Catering and Tourism Corporation (IRCTC), potentially exposing personal data of millions of railway passengers. While IRCTC denied the breach, CERT-In acknowledged the incident and initiated an investigation. This event brought to the forefront the persistent threat of data breaches in government-run public services and the critical need for robust data protection measures, especially for organizations handling vast amounts of citizen data. It also highlighted the challenges of transparent communication during such incidents.

UPSC Angle: Data privacy and protection, implications of data breaches on citizens, government's responsibility in securing public data, role of regulatory bodies like CERT-In, and the need for a strong data protection law (Digital Personal Data Protection Act, 2023). Relevant for GS-III Internal Security and GS-II Governance.