Don’t miss the latest developments in business and finance.

Beware of the virus attack

Image
M Saraswathy Mumbai
Last Updated : Jan 20 2013 | 2:43 AM IST

Just prior to an important festival, the Future Bazaar website came under a vicious DDOS (Distributed Denial of Service) attack, which made it inaccessible for two to three days. For an online shopping site, which relies heavily on festive season to increase sales, this was the worst hit. However, FutureBaazar activated shopping via telephone.

Unfortunately, when the website itself is down, shopping via telephone does reduce the online sales drastically. Online customers were not able to access FutureBaazar websites and were left wondering what had happened.

In this attack, FutureBaazar.com servers received millions of hits from various IP addresses, which had an effect on its bandwidth and the capacity of the servers to handle this unusual spike in traffic. This resulted in legitimate customers being unable to access the website, leading to loss of revenue. Inability to serve customers is not the only loss but the efforts put in order to bring the site online is also an expense. Along with this, organisations hit by an attack always ensure they conduct an additional audit of their IT infrastructure, which is an additional expenditure to their IT budget and can be termed a revenue loss.

Threats to one’s data security have been a serious concern. Electronics major Sony is a typical example. It faced several attacks in the recent past, including phishing attacks and customer password hacking. According to the Security Threat Report organisations across India spent an average of $7.2 million (Rs 32 crore) in 2010 to deal with damages caused by data breaches. This year, the damages would be 10-15 per cent more than last year’s figure, according to security service provider eScan. Govind Rammurthy, CEO & managing director, eScan Antivirus, says, “Security breaches are taking place frequently in India. However, companies do not like to accept the fact that their site security has been breached.”

The measures that eScan advocates include having patch—up server/OS software with, latest security updates, firewall and IPS detection, policy— based user privileges, IT support escalation processes and change notifications to be implemented at data storage servers.

According to web security consultancy services ‘zsecure’, HDFC Bank, ShareKhan, Idea cellular were some of the portals that faced SQL injection vulnerability (security of the website vulnerable to attacks). HDFC Bank took 22 days to respond to zsecure’s mail expressing concern over the issue. The 2011 Verizon Data Breach Investigation Report said the number of breaches in 2011 rocketed to 760 from 141. Just last week, in fact, about 210,000 user passwords were compromised.

Also Read

First Published: Nov 21 2011 | 12:37 AM IST

Next Story