With internet penetration fast spreading to India’s emerging cities for the small and medium enterprises (SMEs), a new threat has emerged.
According to Symantec, a leading security software company, SMEs are now more vulnerable than before to cyber attacks, since they have become part of a larger ecosystem.
Shantanu Gosh, VP and MD, India Product Operation, Symantec, says that with employees, consultants and vendors all being connected through technology, there are now more avenues for both theft of corporate intellectual property — such as the design of a tractor manufacturing unit — for malicious purposes and unintentional leakages.
In fact, cyber criminals are now focusing more on organisations that are part of supply chains or partner-ecosystems of larger companies, as they are less defended.
According to Symantec’s Internet Security Threat Report (ISTR, volume 17), 18 per cent of attacks target companies with fewer than 250 employees. Besides, 58 per cent of attacks target non-executives and employees in roles such as human resources, public relations, and sales.
“Individuals in these jobs may not have direct access to information, but they can serve as a direct link into the company,” the report says.
More From This Section
ISTR reveals that a whopping 25 per cent of bot-infections were found in emerging India in 2011. (A bot is an infected computer that can be remote-controlled by cyber attackers, unknown to the victim, and used to launch various attacks, including spam and phishing).
Of this, Chandigarh ranked fifth among the top bot-infected smaller cities in India. “Phishing attacks are on the rise on .in domains and in July, Mohali (near Chandigarh) featured in the list of top ten cities that hosted phishing sites in India of non-Indian brands.” With emerging cities acquiring a higher profile, it is SMEs that are facing the threat, Ghosh explains, because emerging cities are also hubs for smaller businesses.
ISTR found that 50 per cent of attacks targeted businesses with fewer than 2,500 employees and one in five attacks targeted businesses with fewer than 250 employees.
Ghosh said low awareness levels among SMEs while choosing IT solutions for information protection made them vulnerable targets for cyber attacks.
Symantec also says that increasingly, small businesses are using mobile technology to run their businesses and improve productivity, but not all have dedicated IT staff to manage their mobile devices. This makes them even more vulnerable to cyber attacks.
Ghosh said computer security software can not only thwart potential online dangers such as malicious malware, spam threats and scams, but is also essential to store and optimise the data being created daily by businesses. SMEs need to realise the potential danger and act swiftly, he said.