With the G20 Leaders’ Summit in New Delhi just around the corner, multiple agencies are leaving no stone unturned to ensure the event’s cybersecurity is impervious to cyber threats. Experts from various organizations are working tirelessly to safeguard the summit’s main website and critical information infrastructure from potential cyberattacks.
According to insiders familiar with the situation, a formidable coalition of cybersecurity experts and agencies, including the Computer Emergency Response Team (CERT-In), National Critical Information Infrastructure Protection Centre (NCIIPC), I4C (Indian Cybercrime Coordination Centre), Delhi Police, Intelligence Bureau (IB), Research and Analysis Wing (R&AW), National Investigation Agency (NIA), Central Bureau of Investigation (CBI), and various other ministries, are collaborating to protect the G20 Leaders’ Summit from cyber threats.
The Cybersecurity Battle Plan
The joint effort involves a comprehensive strategy that spans dark-web monitoring, social media platform surveillance, and dedicated teams of experts working around the clock. Their primary mission is to identify and rectify vulnerabilities in the G20’s cyber-security apparatus, with a specific focus on thwarting potential ransomware attacks, phishing attempts, and denial-of-service (DoS) attacks during the high-profile event.
Cybersecurity agencies have learned from past experiences and are determined to stay one step ahead of cybercriminals. Several instances of cyberattacks targeting similar international summits have been documented in recent years, making the protection of sensitive data and critical infrastructure a top priority.
Learning from Past Incidents
In 2020, an Iranian credential harvesting campaign aimed at high-profile individuals within non-governmental organizations (NGOs) made headlines. Spear-phishing emails, seemingly sent by organizers of the G20 Summit and the Think 20 (T20) Conference in Saudi Arabia, were used to target unsuspecting users. This incident served as a stark reminder of the persistent threat posed by cyber attackers.
More recently, in 2022, a Linux variant of the ANGRYREBEL malware was used to target mail and web servers belonging to government entities, educational institutions, retail businesses, and IT organizations across South and Southeast Asia. During this campaign, the mail servers of the G20 Bali Summit in Indonesia also fell within the crosshairs of cybercriminals.
These incidents are part of a larger trend, dating back to the spear-phishing attack that occurred during the Paris G20 Summit in February 2011. Phishing emails and malware attachments were dispatched to French Ministry of Finance officials with the aim of accessing classified G20 documents. In June 2017, the Hamburg G20 Summit faced a similar threat, and the Brisbane G20 meeting in 2014 witnessed the leakage of private data belonging to G20 attendees.
A Defiant Response
As the G20 Leaders’ Summit approaches, India and its collaborating agencies are sending a clear message to cyber attackers: they are ready to protect the event with the full force of their cybersecurity capabilities. The battle in cyberspace is on, and the world will be watching closely to see if these efforts can keep the summit’s digital infrastructure secure from the relentless onslaught of cyber threats.