Kaveri 2.0 Cyberattack

  • 22 Feb 2025

In News:

In January–February 2025, Karnataka's property registration portal, Kaveri 2.0, faced major disruptions due to a Distributed Denial of Service (DDoS) attack, severely affecting property registrations and revenue generation. The portal, launched in 2023, is a key component of the state's e-governance infrastructure.

What is a DDoS Attack?

A Distributed Denial of Service (DDoS) attack aims to disrupt a server, service, or network by flooding it with excessive traffic, rendering it inaccessible to legitimate users.

How it works:

  • Botnet Formation: Hackers compromise multiple devices using malware, turning them into bots.
  • Traffic Overload: These bots generate huge volumes of fake traffic directed at the target system.
  • Service Disruption: The targeted service slows down or crashes, affecting user access.

Types of DDoS Attacks:

  • Bandwidth Saturation – Exhausting the target's internet capacity.
  • Protocol Exploitation – Abusing vulnerabilities in network protocols.
  • Application Targeting – Crashing specific applications or services.

Kaveri 2.0 Case: AI-Based DDoS Attack

  • The Stamps and Registration Department (SRD) of Karnataka confirmed that the portal was targeted using AI tools that generated over 20 lakh fake search queries per day—far beyond its capacity of 2.5 lakh.
  • These queries mainly targeted services like Encumbrance Certificate (EC) searches, causing widespread slowdown and outages.
  • On February 1, only 556 property registrations occurred, compared to the usual 8,000–9,000 daily, with revenue dipping to ₹15.18 crore from an average of over ₹62 crore.
  • After mitigation, services were restored by February 7, returning to normal levels of 7,225 registrations and ₹62.59 crore in revenue.

Impact of DDoS Attacks on Public Services

  • Operational Disruption: Essential citizen services are halted, creating public inconvenience.
  • Financial Loss: Delayed transactions and reduced revenue, as seen in the Kaveri 2.0 case.
  • Reputational Damage: Public trust in digital governance platforms may erode.
  • Cybersecurity Risks: DDoS attacks can mask more sophisticated intrusions.

Preventive Measures

  • Traffic Filtering: Using AI tools to detect and block abnormal traffic.
  • Rate Limiting: Restricting the number of queries per user/IP.
  • Bot Detection: Implementing CAPTCHAs and behavior analysis.
  • Robust Authentication: Enhancing security for administrative access.
  • Incident Response Teams: Dedicated cybersecurity units to respond to threats promptly.
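
The rate-limiting measure listed above, sketched as a per-IP token bucket in front of a search endpoint such as the EC search. This is an added example, not code from the Kaveri 2.0 portal or the department; the class and function names, the limit of 12 searches per minute with a burst of 5, and the sample traffic are all assumptions made for illustration.

```python
from collections import defaultdict

class TokenBucket:
    """Refills `rate` tokens per second up to `burst`; one token per query."""
    def __init__(self, rate, burst):
        self.rate, self.burst = rate, burst
        self.tokens, self.last = float(burst), None

    def allow(self, now):
        if self.last is not None:
            elapsed = now - self.last
            self.tokens = min(self.burst, self.tokens + elapsed * self.rate)
        self.last = now
        if self.tokens >= 1:
            self.tokens -= 1
            return True
        return False

class SearchRateLimiter:
    """One bucket per client key (here the source IP) for search queries."""
    def __init__(self, rate=0.2, burst=5):  # assumed: 12 searches/min, burst of 5
        self.rate, self.burst = rate, burst
        self.buckets = {}

    def allow(self, client, now):
        if client not in self.buckets:
            self.buckets[client] = TokenBucket(self.rate, self.burst)
        return self.buckets[client].allow(now)

def replay(requests, limiter):
    """Feed (timestamp_seconds, client) pairs; return {client: (allowed, rejected)}."""
    stats = defaultdict(lambda: [0, 0])
    for ts, client in sorted(requests):
        stats[client][0 if limiter.allow(client, ts) else 1] += 1
    return {client: tuple(counts) for client, counts in stats.items()}

def sample_traffic():
    """Constructed five-minute sample: one person searching, one automated client."""
    person = [(i * 30.0, "198.51.100.7") for i in range(10)]     # 1 query / 30 s
    script = [(i * 0.1, "203.0.113.50") for i in range(3000)]    # 10 queries / s
    return person + script

if __name__ == "__main__":
    for client, (ok, dropped) in replay(sample_traffic(), SearchRateLimiter()).items():
        print(f"{client}: allowed={ok} rejected={dropped}")
```

A per-IP limit does not cap the total load when queries arrive from many addresses at once, which is why it sits alongside traffic filtering and bot detection in the list above.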