Context:
THE ASSAULT ON KAVERI 2.0: Kaveri 2.0 is a property registration portal in Karnataka, which saw a DDoS attack in December 2024, so the attacks ramped up in January and went on into February 2025. The system was essentially crippled using AI-powered bots; property registrations in the state were halted for days.
Key Highlights:
For this probably, some revenue loss has occurred, for sure, to the state government of Karnataka.
Timeline of Cyber Attacks on Karnataka Infrastructure Karnataka is known for cyber security breaches:
- 2017: WannaCry Ransomware Attack at State Data Centre.
- 2019: ₹11.5 crore taken from the e-procurement portal.
- 2o22: Cyber attack against NIMHANS (National Institute of Mental Health and Neurosciences).
- And the cyber security deficiencies were not addressed up till now.
- Poor Response
- No Coordination Initially, although the state cyber crime police were not scrambled into action, a complaint was received only on February 7, after the attack facilitated relative calm.
- The e-Governance Department treaded cautiously with regard to involving law enforcement, delaying the identification of the attackers. The trace of some IP addresses linked to the attack was generated, but early engagement of law enforcement would have improved real-time responses.
- Flawed Cyber Security Framework for Karnataka
- Run by bureaucrats, the Cyber Security Committees of Karnataka function without police representation whatsoever.
- In contrast, Indian national security architecture consists of
- Indian Cyber Crime Coordination Centre (I4C) connected with the Home Ministry.
- National Critical Information Infrastructure Protection Centre (NCIIPC) protects the critical infrastructure.
- Mechanisms like these are essentially required for Karnataka but will be effective only if developed under clearly defined Standard Operating Procedures (SOPs) to mitigate such attacks in times ahead.
