Where will lip service to cyber security lead us to, no one knows? The Indian Council of Agricultural Research (ICAR) suffered a severe cyberattack in March-April 2025, leading to the loss of vital data covering recruitment records, research projects, email communications, and administrative functions. The breach affected the main server in Delhi and a backup server at the National Academy of Agricultural Research Management (NAARM), disrupting key bodies like the Agricultural Scientists Recruitment Board (ASRB) and related institutes.
We are not aware as to what remedial action was taken in real time. Following the breach, ICAR formed a six-member inquiry committee headed by Dr. D K Yadava to investigate and recommend fixes. The head of the committee does not come from the cyber security background. It was like any other standard or sub-standard committee of the government. The expertise and competence of other members remains unknown in the public domain. The report pointed out that negligence led to breach. As a result, the director of the ICAR data center was removed just days before his term ended.
CERT-In also began an independent inquiry due to the serious nature of the data loss. No one knows what CERT-IN was doing since the breach. Was any criminal case registered, if so, where has the investigation reached? The incident exposed significant cybersecurity gaps in ICAR’s infrastructure, reflecting inadequate preventive measures and poor readiness against cyberattacks. Persistent technical issues and missing crucial data highlight ongoing vulnerabilities. We never run short of promises; ICAR has pledged to strengthen data security.
Data protection is a fundamental right, if we take it as a direct corollary of the right to privacy. Accountability rests with the leadership and IT management, who must enforce strict data protection policies, ensure modular and resilient backups, and improve cyber hygiene across all departments. This breach is a wake-up call for ICAR and similar research entities to prioritize cybersecurity as a foundation for safeguarding India’s agricultural innovation. Management buy-in and investment in tech and tech resources only can make the difference.
CRITICAL DATA RELATED TO RESEARCH AND INNOVATION BEING COMPROMISED IS A MOCKERY OF THE R&D ESTABLISHMENT ITSELF.
Sanjay Sahay
Have a nice evening.