New Delhi: While Operation Sindoor was on, the National Stock Exchange (NSE) was targeted “40 crore” times in ten minutes by hackers who wanted to shut down its website, the bourse’s CEO Ashish Kumar Chauhan told ThePrint.
Speaking at Off The Cuff hosted by ThePrint’s Editor-in-Chief Shekhar Gupta in Mumbai Thursday, Chauhan said that on an average the Exchange records about 20 crore cyberattacks every day and that steps have been taken to thwart them successfully.
Chauhan said it was “an unfair game” because he has “to be right every time” but “the attacker has to be right only once”.
In the immediate aftermath of the terror attack in Kashmir’s Pahalgam and the consequent Operation Sindoor, millions of attempts were made by suspected Pakistan hackers on military and defence related sites besides those of stock exchanges and private companies.
The cyberattacks were largely thwarted, though the hackers did get some minimal success. The website of the Armoured Vehicle Nigam Ltd, a defence public sector unit, was defaced to display a Pakistani flag and the Pakistan Army’s Al Khalid tank.
Giving details of the hacking attempts during Operation Sindoor, Chauhan said, “In ten minutes, we got 40 crore attacks to close down our websites.”
But, the CEO explained, even a successful hacking of the NSE website would not disrupt the trade because the two worked on separate networks.
He said that the hackers “were naturally motivated”.
“Obviously, it is our job to protect our assets. Three years back, on a normal day, we used to get 3 crore attacks. Today, I get 20 crore attacks,” Chauhan said.
Op Sindoor was a military campaign launched by India on 7 May 2025 in response to the Pahalgam terror attack on 22 April. The four-day conflict, which lasted from 7-10 May, saw multiple phases of strikes before a ceasefire was agreed upon.
The NSE CEO explained that attackers have become robotic and work as a ‘pay for use’ concept. “So, you pay them 10 dollars and they will attack you one crore times. You pay them 20 dollars and they will attack twice, and so on. With AI, it will be even worse.
“I have to be successful each time but they have to be successful only once. It is a very unfair game but that is the game I am in. I can keep on crying but I have a job to do,” he said.
Chauhan explained that while the cyberattacks originate from once place, the “slaves”– a term used for spyware–are sent to servers located in other countries first.
“And then they give a signal to attack now… It may come from America, but has been triggered by someone sitting in another country. So we don’t believe where the server is…is the actual attacker because it comes from all over,” he said.
The NSE system was good enough to withstand all the cyberattacks.
“We have increased our investment, tried to source the best technology on cyber security from across the world, test them, implement them, keep checking through our own algorithms,” he said.
NSE, the CEO said, pays third-party companies and hackers to attack their servers, so that any gaps can be plugged in their security apparatus.
“There are many things that I can’t tell you. It is a full-day job for literally thousands of people at NSE,” he said.
(Edited by Prerna Madan)
Also Read: Swiss report should now close Op Sindoor debate. Knowing when to stop the fight is key too