On October 2, a cyberattack on the Uttarakhand State Data Center caused widespread disruption to several government websites and services, triggering a swift response from local and central authorities. The breach occurred within a brief 10-minute window between 2:45 PM and 2:55 PM, forcing the shutdown of systems supporting critical operations such as treasury functions, police case filings through the Crime and Criminal Tracking Network and System (CCTNS), and other essential e-governance services. The hackers left a ransom demand on the servers of the State's Information Technology Development Agency (ITDA), seeking payment to restore the compromised systems.
The authorities refused to meet the ransom demand. Instead, a Special Investigation Team (SIT), alongside central agencies such as the Indian Cyber Crime Coordination Centre (I4C), CERT-In, and the National Critical Information Infrastructure Protection Centre (NCIIPC), launched an immediate probe.
Forensic investigations have been initiated to determine how the malware infiltrated the system. According to the initial reports, the virus may have entered through an unauthorized application, though the possibility of a targeted cyberattack is still being examined. The Cyber Crime Police Station has filed an FIR under sections of the Information Technology Act for unauthorized access and system tampering.
Expert teams, including the Uttarakhand Special Task Force (STF) and ITDA cyber experts, have spent days scanning and sanitizing the affected systems. They recovered vital digital logs and virus files, which are being analyzed to strengthen defenses. Despite the government’s efforts to restore services, around 15 to 20 websites remain offline due to outdated operating systems. ITDA officials have decided to rebuild these websites from scratch with enhanced cybersecurity measures to ensure their safe return to public access.
By Monday, important services like e-filing in the Secretariat and treasury operations in Dehradun were restored, and salary and pension disbursements resumed. The swift response from central agencies has been well-received, and their ongoing collaboration is expected to provide further insights into the breach and strengthen future cybersecurity measures.
ITDA has also taken steps to bolster its internal infrastructure, making permanent appointments, including positions to manage the State Wide Area Network (SWAN) and the State Data Center. A Chief Security Officer is expected to be appointed soon as part of ongoing efforts to reinforce cybersecurity and prevent future incidents.