During G-20 summit in 2023, the official website of the conference was targeted by 16 lakh cyber attacks per minute, Rajesh Kumar, CEO of the Indian Cyber Crime Prevention Centre (I4C) under the Ministry of Home Affairs (MHA), said on Wednesday.
Mr. Kumar said that the website (g20.in), hosted by India, was subjected to an organised cyber attack months ago, which peaked on the days of the summit (September 9 and 10, 2023).
“It was a distributed denial of service (DDoS) attack and we cannot pinpoint the origin as of now. The investigation will take time. The attack could have been launched from anywhere, the servers masked and shown to be present even in India. The objective was to bring down the website,” Mr. Kumar said.
“All the agencies worked together and prevented the attack. In a DDoS attack, the infrastructure is sent multiple requests so that it is not able to handle the requests and the website goes gown. That was the plan,” he added.
He said it was a security incident planned by malicious actors, and agencies, including the Computer Emergency Response Team (CERT-IN) and the National Informatics Centre (NIC), thwarted the attack.
In the run up to the summit, a meeting of the Emergency Response Group was held on September 1 to review and discuss cyber security issues related to the G-20 Summit. A 24X7 Coordination Control Room comprising personnel from the 14C, CERT-IN, Delhi Police, and the NIC was set up to manage the cyber attack during the G-20 summit, another official said.
A DDoS attack denies service to users as botnets clog the servers with requests they are unable to understand or process. It’s difficult to arrive at any specific number of bot attackers since the attacks are automated.