Op-Eds

Cyber Insecurity

In a recent security breach, 19,000 of sensitive files related to the Kudankulam Nuclear Power Plant in Tamil Nadu (South India), one of India's largest nuclear power plants, was compromised. The ransomware gang 'World Leaks' claimed on the dark web of releasing these 14.3 gigabytes; of 8,58,000 Reliance Group (nuclear power plant contractor) files.

The Reliance Group confirmed a partial breach, (without disclosing details) and said the breach was reported to the government. Reliance claims the breach occurred at the 3rd-party data centre provider.  The Nuclear Power Corporation of India Limited (NPCIL) and Russia’s Rosatom are jointly developing the 6-000-MW plant. Units 1 and 2 are operational, while Units 3, 4, 5 and 6 are under construction. Units 3 and 4 are targeted for completion by 2026–2027, while units 5 and 6 are to be fully operational by 2030.

NPCIL says the leak has no link to nuclear safety or security. But Reuters has quoted Nickolas Roth, a senior director at the Nuclear Threat Initiative, which advises ​governments and benchmarks countries' preparedness on nuclear security, saying that the data breach could indeed pose a serious risk to the safety of the plant. Also, hacks have become more common in India, where many companies are ill-equipped to deal with such threats (https://www.reuters.com/world/india/files-relating-indias-largest-nuclear-power-plant-kudankulam-exposed-data-breach-2026-07-15/). Is this another poke before the elephant relapsing into slumber? Why have data breaches become more common in India?

India faces a high volume of recurring cybersecurity breaches, driven by rapid digital transformation, cloud misconfigurations, and expanding attack surfaces; ranking third globally in data breaches, with tens of millions of compromised accounts. Major sectors targeted by state-sponsored actors and hackers include Banking, Financial Services, and Insurance (BFSI); Critical Infrastructure and Healthcare.

India’s national cyber agency CERT-In handles millions of cybersecurity incidents annually, tracking over 2.2 million incidents in recent multi-year blocks and scaling up to 29.44 lakh (2.94 million) incidents in a single recent year. Major individual corporate and government database compromises over the decade have each exposed records numbers from millions to over 800 million citizens per event - historic leaks tied to medical databases, telecom data, and major corporate cloud misconfigurations.

Cyber incidents in India have multiplied significantly since 2016. IBM Security reports that India consistently ranks among the regions with high average total costs for a data breach, reaching records of roughly INR 22 crore per corporate breach. The most common catalysts for these breaches include compromised credentials, phishing, cloud misconfigurations, and third-party vendor vulnerabilities. In 2025, India suffered most data breaches, with 28.9 million accounts compromised, according to Surfshark.

Overprivileged Identity and Access Management (IAM) roles, expose object storage buckets, and unsecured Kubernetes environments accounting for a large share of cloud telemetry detections form part of cloud misconfigurations, Attack vectors include fragmented cybercriminal syndicates frequently targeting enterprise backup environments, Hyper-V servers, and internal IT service providers. Attackers leverage deepfake voice cloning, synthetic video for Business Email Compromise (BEC), and credential-stealing trojans. In addition is mass API abuse, SIM-swapping, and real-time screen-sharing malware exploiting India’s massive digital transactions framework, UPI included.

This Kudankulam data breach was second time linked to malware tied to a North Korean hacker group found on the plant's ​administrative network after 2019. The All-India Institute of Medical Sciences (AIIMS) in New Delhi has also suffered hacks -   November 2022 and June 2023. In 2022, over 1.3 terabytes of data across five main servers crippled digital hospital services (including patient registration, billing, lab reports, and appointments) for nearly two weeks, forcing the facility to revert entirely to manual operations.

Our defensive strategies must focus on securing cloud infrastructure and mitigating primary attack vectors. A zero-trust architecture is required, including micro-segmentation to restrict lateral movement intra-networks. Overprivileged Identity and Access Management (IAM) must be eliminated. Cloud Security Posture Management (CSPM) tools must be adopted and enterprise backups secured. Extended Detection and Response (XDR) platforms need to be used to monitor endpoint telemetry continuously and block advanced credential-stealing trojans in real time. In addition, robust Web Application Firewalls (WAF) should be implemented and phishing-resistant Multi-Factor Authentication (MFA) enforced.

Before India’s Digital Personal Data Protection (DPDP) Act (with 2026-2027 compliance timeline), we only had a fragmented mix of general technology laws, sector-specific rules, and some judicial rulings. Under the DPDP Act, the Data Protection Board of India (DPBI) operates on a three-stage countdown toward full compliance. Engineering and security leaders must align their roadmaps to these critical legal deadlines. Incident Response (IR) Workflow Under DPDP, Data fiduciaries face a strict two-tier reporting structure. When an incident triggers, technical IR runbook must execute across these distinct operational phases.

The problem lies in implementation and compliance of the DPDP Act. Industry surveys indicate majority regional organizations lack baseline security practices or are unaware of ongoing network intrusions. Also, millions of cybercrime complaints and massive financial losses are logged, low formal FIR conversion and recovery rates complicate legal remediation. There is a need to run targeted phishing simulation campaigns. Educate staff on deep fake voice cloning tactics, build a culture of active cyber hygiene. Simulation and continuous training must include supply chains, vendor exploits, patching discovered vulnerabilities within strict timelines and prioritizing internet-facing assets. Unless the government takes serious consistent steps to regulate and implement these steps, India’s cybersecurity will continue to deteriorate.

Together with the increasing data breaches, is the multiplying corruption; mounting number of scams may just be tip of the iceberg. High-profile gold, silver and misappropriation of millions of rupees has been reported from Temples: Ram Mandir (Ayodhya) INR 200 crore scam plus gold slippers and necklace of Lord Ram stolen; Sabarimala Shrine (Kerala); Tirumala Tirupati Devasthanams (Andhra Pradesh); Badrinath Temple (Uttarakhand); Jain Temples (Karnataka). Individual states report hundreds of distinct incidents; for example, Gujarat recorded 501 temple theft cases over a three-year period.

Theft of ancient idols and sculpture continues. Archaeological Survey of India (ASI) shows at least 488 artifacts and sculptures have been stolen across 19 states and union territories over the last years, including in; Konark Sun Temple (Odisha), Bhairav Temple, Kedarnath (Uttarakhand), Golingeswara Swamy Temple, Bikkavolu (Andhra Pradesh), Lakshmi Narasimha Temple, Javagal (Karnataka) and Khajuraho Group of Monuments (Madhya Pradesh).

Corruption scandals are periodically emerging in states like Madhya Pradesh and Maharashtra, highlighting scant regard to the public at large. These include:

  • Ethanol-Linked Rice Diversion Scam (Madhya Pradesh): INR 200 crore subsidized rice for malnourished children and pregnant women diverted to private millers and ethanol plants.
  • Ujjain Land Deal (Madhya Pradesh): large-scale land acquisitions in Ujjain, with accusations of land-use changes near major infrastructure and highway corridors.
  • Vyapam Scam (Madhya Pradesh): massive professional examination, admission, and recruitment fraud involving politicians, senior officials, and organized proxy testing rings.
  • Ghost Hostels & Payroll Irregularities (Maharashtra): Comptroller and Auditor General (CAG) and state audits have periodically exposed financial leakage - funds funnelled into non-existent or ghost student hostels and fake teacher positions siphoning billions from government education budgets.
  • Ghost Hospital (Madhya Pradesh): Non-existent hostel with 87 staff on paper for six years; drawing funds, with not one single brick laid for the hospital.
  • Historical Irrigation Scams (Maharashtra): Long-standing investigations, such as the multi-billion-dollar Maharashtra irrigation scam allegations, have targeted systemic inefficiencies and fund diversions in public works spanning decades.
  • Public Utility and Procurement Diversions (Maharashtra): Recurrent political disputes around diversion of funds originally designated for public utility or infrastructure maintenance toward private contractors or alternative accounts.

The government-appointed Niti Aayog had recommended the government should introduce Ethanol-10 (E10) petrol bled. But E20 petrol has been forced on the public without conducting any trials whatsoever. Union Petroleum Minister Hardeep Puri, says that the option of E10 or E20 versus normal petrol cannot be given; racing cars use E20 petrol, some rubber parts of old cars may be affected by E20 and the like. But there are multiple reports of E20 is crippling fuel-tanks of cars being called old. In one instance reported from Dehradun, the car stopped on the road; had to be towed away because the fuel tank went dead. The cars being termed old are not even banned in Delhi/NCR. But it helps divert attention from Hardeep Puri’s name in Epstein Files (with details of his dealings with Jeffery Epstein in the  media) plus the report purporting that Himayani (his daughter) received funds from George Soros – the anti-India clown. 

Nitin Gadkari, Minister of Road Transport and Highways of India, who is limelight because of massive potholes in highways (including the newly constructed Delhi-Dehradun Expressway) and collapsing bridges and tunnels, admits his two sons (Nikhil and Sarang) are benefiting from the E20 introduction but that is hardly the full picture. Nikhil is MD and promoter of CIAN Agro Industries Infrastructure Ltd while Sarang manages Manas Agro Industries - subsidiary of CIAN Agro. Following the rollout of E20, CIAN Agro revenue skyrocketed from INR 17–18 crore to some INR 510–523 crore in a single year. By the following year, its annual consolidated revenue crossed INR 1,000–1,200 crore. The company reported a net profit jump to INR 41.6 crore, later experiencing an explosive 441% jump to reach INR 222.69 crore for the full FY. But the auto sector may actually be happy with the public forced to dump their old cars and buy new ones.

There will be a host of experts-in-waiting ready to vouch that E20 doesn’t harm any car - new or old. But the Raipur District Consumer Disputes Redressal Commission has ruled in favour of a vehicle owner who complained that E20 petrol caused significant damage to his vehicle; recurring engine problems, including poor performance, misfiring and a gradual decline in efficiency, eventually major engine-related expenses. Also, petrol pump owners claim ethanol’s moisture-absorbing nature is contaminating fuel (https://www.thehindu.com/business/Industry/petrol-pump-owners-claim-ethanols-moisture-absorbing-nature-is-contaminating-fuel/article71225549.ece). If that was not enough, Maruti Suzuki has been ordered to replace a car damaged by E20 within 45 days or pay INR 20.5 lakh.

But the irony is that E20 has been forced upon the public without any testing (why?), while the hubris continues that there is no shortage of petrol, India has enough reserves, India is now exporting crude to Russia, significant natural gas reserves have been discovered in the Andaman offshore basin (with media drawing comparisons to massive global finds like in Guyana), plus new hydrocarbon/natural gas deposits found in Rajasthan's Dandewala field. The media also reveals that India has doubled its oil import from the US. Recent trade data indicates that crude oil imports from the US average around USD 523 per ton. Transporting oil from North America involves higher freight costs and longer voyage times compared to Middle Eastern or regional supplies, which adds to the landed cost.

Getting back to data breaches, will the rising corruption, skyrocketing prices and unemployment induce certain individuals to share data with anyone for a price? A recent news headline reads: “Govt tightens ISRO (Indian Space Research Organisation) rules as 120 scientists quit in a year”. The wave of resignations has disproportionately affected major research facilities, catching the agency off-guard. If this is the state in a premier organization under direct control of the Department of Space (DOS), which is overseen directly by the Prime Minister of India, what about other bodies? Besides, if the lure is a better pay package, can inimical forces lure an individual to share secrets for more money or under blackmail?

The author is an Indian Army veteran. Views expressed are personal.

About the author

Lt. Gen. Prakash Katoch

Lt. Gen. Prakash Katoch

He is a Special Forces officer with 40 years of service in the Indian Army. He is also the third generation army officer from his family. He was as director general of Information Systems. As a Special Forces officer , he participated in 1971 Indo-Pakistan War. He has commanded independent commando company in counter insurgency in North East, a special Forces Battalion in Sri Lanka, a Brigade on the Siachen Glacier, a Division in Ladakh, and a Strike Corps in semi-deserts. He served as India’s Defence Attaché to the Republic of Korea ( as Deputy Director General Military Operations (Special Forces)at Indian Army HQ). He was the Assistant Chief of Integrated Defence staff ( Strategic Operations). He has authored many articles on international relations, strategic affairs, national security, military, technical and topical issues, and contributes regularly to both Indian and foreign publications. A leading defense analyst, he is a visiting fellow in international think tanks and is active in seminars at both national and international levels. He has written a book on the Special Forces of India and also authored the book Indian Military and Network-Centric Warfare. He holds a master’s degree in Defence Studies and is an alumnus of the National Defence College of India.

He was elected as the Council member of USI (United services institution of India) and has held the Field Marshal KM Cariappa Chair of excellence for the year 2011-2012.

Leave a Comment