India Witnessed Spike in Cyber Attacks Amidst Covid-19
The COVID-19 outbreak is turning out to be not only a health, social, and economic hazard but also a cybersecurity crisis. The pandemic has presented new challenges for businesses in the areas of remote collaboration and business continuity.
With increased remote working for better business continuity, employees are using numerous Internet tools. As businesses and people rely more on technology and are busy fighting the pandemic, attackers have more opportunities than ever to target them.
According to PwC's April report, the number of security threats to Indian companies doubled in March 2020 compared with January 2020. More worrying still is a 100% rise between March 17 and 20.
Sanjay Dhotre, the Union Minister of State for Electronics & Information Technology (MeITY), said that India has seen over 350,000 cyberattacks in the second quarter, triple the number of recorded events in the first quarter of 2020. He also highlighted that there were 700,000 cybersecurity incidents until August 2020.
According to the Acronis Cyber Readiness Report 2020, 31% of companies worldwide face at least one cybersecurity incident per day. India, however, reported twice as many cyberattacks per day, most of them phishing, DDoS, video conferencing attacks, exploitation of weak services, and malware.
Phishing campaigns are the most worrying attack, as they reached their peak during this pandemic. Though malware accounted for fewer incidents, it remains a more critical issue in India, which reports almost twice as many malware issues as the global average.
Further, 39% of all organizations surveyed experienced a video conferencing attack. Among them, India, Canada, Switzerland, and the UK are the most affected countries.
Coronavirus-themed phishing emails and malicious websites claiming to offer useful information on COVID-19 have emerged as the top threats to companies. In addition, 400,000 new ransomware attacks were identified from April to June 2020, according to a Seqrite report.
Most of these cyberattacks succeeded by exploiting vulnerable services to obtain access to a remote system.
Why is India So Vulnerable to Cyberattacks?
Increased use of the Internet and Mobile technology — The NITI Aayog report states that India ranks 3rd in the list of countries with the highest number of internet users worldwide, after the USA and China. With the exponential rise in Internet and mobile phone users, there is a significant rise in the number of cyberattack incidents in India and globally.
Ignoring Internal Security Threats — Enterprises are more focused on guaranteeing business continuity with seamless operations than on bridging the gaps in their remote infrastructure. If sensitive data flows between departments without a proper monitoring and logging process, it becomes difficult to identify the loopholes when an attack happens.
Confronting External Threats — With ever-increasing external threats, an organization can't be 100% prepared. Only a few Indian companies have security measures such as Web Application Firewalls in place to monitor external threats and stop cyberattack incidents as and when they happen.
Detectable Weak Points During Remote Work — The main weak points exposed during the sudden shift to remote work include weak authentication techniques, insufficient monitoring, and exposed servers (DNS, VPN, RDP, etc.).
Moreover, many employees ignore personal online security hygiene. With this 'work from anywhere' culture, employees begin to access their personal email and social media sites on their official machines.
Overall, with personal and work life merging online, cyberattacks can easily occur through unsecured personal accounts.
Missing Expertise in Cloud Technology — To make data easy to access from any device, anywhere, many companies have adopted cloud technology.
However, they don't have adequate in-house resources to manage and protect APIs, SaaS, or containers. The increasing number of poorly configured cloud architectures will inevitably open doors for the attackers.