NCERT issues high alert over rising cyber threats amid regional tensions

The National Cyber Emergency Response Team (NCERT) has issued a high-priority advisory warning of increased cyber threats in light of escalating regional tensions, urging government institutions and critical service providers to take immediate preventive action.

As per media reports, the alert cautions that state-sponsored groups, hacktivist networks and cybercriminals may attempt to exploit the current geopolitical environment to target sensitive infrastructure. Officials said such instability has historically been accompanied by coordinated cyber campaigns.

According to the advisory, potential attack methods include spear-phishing, deepfake content, distributed denial-of-service (DDoS) attacks and advanced persistent threat (APT) operations designed for espionage and system disruption. The document states that urgent steps are required to safeguard national security and maintain public confidence.

NCERT identified defence facilities, financial institutions, energy grids, telecom infrastructure and government departments as high-risk targets. Media outlets and journalists were also flagged as vulnerable, particularly to disinformation and synthetic media campaigns.

The advisory outlined possible impacts such as unauthorised access to official portals and verified social media accounts, breaches through third-party vendors, service outages in transport and power systems, data theft from military and government networks, ransomware incidents and coordinated misinformation operations aimed at influencing public perception.

Among the immediate concerns highlighted were DDoS attacks on emergency systems, deepfake material impersonating senior officials, targeted phishing campaigns against civil and military personnel, malicious mobile applications posing as news or finance platforms, and credential-stuffing attacks using compromised passwords.

NCERT attributed the threat landscape to a combination of ideologically driven actors, state-backed APT groups exploiting zero-day vulnerabilities and financially motivated cybercriminals.

The advisory recommended measures including deployment of mobile threat defence solutions, application whitelisting and mandatory multi-factor authentication, preferably using FIDO2 passkeys instead of SMS-based verification.

Organisations were also advised to promptly patch VPNs, firewalls and operating systems, use end-to-end encrypted platforms for sensitive communications and avoid personal messaging apps for official matters. Enhanced monitoring through Security Information and Event Management systems and deep packet inspection was also recommended.

For longer-term resilience, NCERT proposed restricting foreign IP access to sensitive systems, conducting supply-chain security audits, implementing Zero Trust Architecture models and strengthening encryption protocols for stored and transmitted data.