Spurt in cyber attacks on Indian firms and users in times of Covid-19

Some of those whom the pandemic has left jobless are resorting to cyber crimes to make quick money, while there is increased activity from Chinese hackers as well

A few weeks back, students at Jain Heritage School in Bengaluru were in for an unpleasant experience. In one of their daily lectures on Zoom, an unauthorised person entered the chat-room and hurled abuses at the group. The teacher immediately suspended the class and the matter was reported to the police.

The incident is one among the many instances of cyber hacks in the recent past. With the pandemic having forced people indoors, everything from education to healthcare and socialising has moved to digital platforms. In some cases, this has left users’ data and secured communication potentially exposed to hackers.

There has been a marked increase in phishing attacks and hacking of social media accounts of prominent persons, according to various reports. Phishing attacks are disguised communication aimed at accessing users’ bank account details and duping them of money. Enterprises have turned vigilant.

As the pandemic has left many people jobless, some are resorting to cyber crimes to make some quick money, which is one of the reason for the rise, said cyber-security experts. The other issue is an increased activity from Chinese hackers. On June 23, Maharashtra’s Cyber Security Cell made public that India received over 40,000 hack attempts from China over the previous four or five days. The hacks were targeted at Indian sites related to information, infrastructure and banking, and originated from Chengdu area of China.

“The pandemic is proving to be not only a health, economic, political or social hazard but also a cybersecurity scare as well. Digital hygiene is the need of the hour and CISOs (chief information and security officers) need to protect organisations from disruptive attacks,” said Murali Rao, partner and cyber security leader, at EY India. 

A recent survey by EY conducted among 190 C-suite leaders, concurred that at least 73 per cent of organisations perceived cyber security risk as “significant”, and cited that attacks have become more frequent over the past 12 months.

Modern-day hacks typically fall in one of three categories: trojans, backdoors, and droppers. Trojans and backdoors are malware that give an attackers remote control over a computer by disguising a secured a login page, while droppers are designed to install some sort of malware to a target system. An attacker can employ one or multiple of these techniques to hack into a systems for purposes ranging from stealing data to carrying out unauthorised transactions. There is a thriving market of personal data on the dark web.

Moreover, every website on the internet has certain trackers, known as cookies. These track users’ activity on the said website, or sometimes on the broader internet, for the purpose of understanding their behaviour. While the tracker policy is clearly defined in case of well-known websites, it may not be so on others, which leads to unauthorised spying, said Sanjay Katkar, chief technology officer of Quick Heal Technologies. “As consumers adopt more and more digital technologies, it simply makes them vulnerable to threat actors who can easily bank on this opportunity.”  Quick Heal has come up with a new Anti-Tracker solution to plug this gap.

For enterprises, Shree Parthasarathy, partner and national leader at Deloitte India’s cyber risk division advises a five step security approach. These include a multi-factor authentication for all corporate services like emails and collaboration tools; identification of critical data and where they are stored; regular upgradation of patches on systems; real-time monitoring of critical infrastructure; and cyber security training for employees.

“A robust and consistent layer of identity and access management built with a multi factor authentication and encryption policy will help in aligning a thoughtful cyber security policy to overcome the dual crisis hovering over the country,” said Parthasarathy.

Top Malware types

Trojans: 25%

Backdoors: 24%

Trojan-Droppers: 23%

Adwares and others: 14%

Ransomware: 6%

Spyware: 4%

Exploits: 2%

Downloaders: 1%

Source: Kaspersky Threat Intelligence

Enable GingerCannot connect to Ginger Check your internet connection
or reload the browserDisable in this text fieldEditEdit in GingerEdit in Ginger×