A cyberattack is any attempt to gain unauthorized access to a computer, computer system, or computer network with the intent to cause harm. The goal of cyber-attacks is to disable, disrupt, destroy, or control computer systems, or to change, block, delete, manipulate, or steal data stored on those systems.
A cyberattack can be launched from anywhere by an individual or group using one or more different attack strategies.
WHY DO CYBER ATTACKS HAPPEN?
Most cyber-attacks happen because criminals want:
- Financial data of the company
- Customer financial data (e.g., Credit card data)
- Sensitive personal data
- Customer or employee email addresses and login details
- Customer database
- Client lists
- It infrastructure
- It services (e.g., The ability to receive online payments)
- Intellectual property (e.g., product designs or copyright)
Cyber-attacks against businesses are often prudent and motivated by financial gains. However, other motivations may include:
- Making a political or social point
- Espionage
- Intellectual challenge
TYPES OF CYBER ATTACKERS: INSIDERS AND OUTSIDERS
Cyber attackers generally fall into two categories: those who pose a threat to the business from outside the organization, and those who pose risks from within.
Insiders
Anyone with physical or remote access to the organization’s assets can expose to cyber risk. For example:
- Trusted employees accidentally introduce incorrect information
- Negligent employees neglect policies and procedures
- Disgruntled employees or former employees with the intent to harm the business
- Malicious insiders with legitimate access to systems and important information
- Business partners, clients, vendors, and suppliers with access to the critical assets can pose insider cybersecurity threats.
Outsiders
External cybersecurity threats can come from a variety of sources, including:
- Organized criminals or criminal groups
- Professional hackers – malicious or not
- Wannabe hackers also known as amateur hackers
RECENT STATISTICAL ANALYSIS ON CYBER ATTACKS:
According to the government, there have been 674,021 cyber-attacks in the country this year through June, which translates to roughly 3,700 cyber-attacks per day. India does not even have a central cyber security policy yet.
From 2019 to last month, over three million such cases were reported in the country.
According to a study by Cloud wards, 37% of all businesses and organizations were hit by ransomware in 2021, and of all 32% paid the ransom, but only recovered 65% of their data.
Indian businesses with an online presence remained one of the primary and main targets of cybercriminals throughout 2021. The report said 76 percent of organizations in the country suffered at least one ransomware attack in the past 12 months.
Around 2,000 of the Indian websites were hacked in June-July 2022. This is one of the most serious cyber-attacks on India in the recent past.
The biggest, widespread and most damaging threat to small businesses is phishing attacks. Phishing accounts for 90% of all breaches faced by organizations, has grown by 65% in the last year and accounts for over $12 billion in business losses.
In 2022, we will likely see social engineering attacks such as phishing and email spoofing continue to evolve to include new trends, technologies and tactics.
FIVE MAJOR SECTORS AFFECTED BY CYBER ATTACKS:
1.Education sector:
The education sector is one of the most vulnerable sectors to malware in India, with the sector accounting for more than 30 percent of cyber threats targeting businesses in the country between July and September 2019, according to a report by Seqrite, the enterprise IT security arm. by Quick Heal Technologies.
In August 2021, Checkpoint reported that India experienced the highest number of attacks with an average of 5,196 attacks per week on an educational or research organization. This represented a 29 percent increase from the first half of 2021. This sector requires a lot of attention, as many of them have faced problems during the pandemic period, both for organizations and end consumers.
Since the meetings and courses were conducted through Zoom Meetings and Google Meet, some of the meetings were hijacked. Additionally, many people, even with their microphones and cameras turned off, could be heard and seen by others. More troubling violations are those involving student safety. Educational institutions are entrusted with the responsibility of protecting their students, many of whom are minors, but a weak cyber security infrastructure can put them at risk.
2.Health sector:
Healthcare is the second sector in the list of top 10 sectors attacked by malware in India. In 2019, US cybersecurity firm FireEye reported that hackers breached a leading Indian healthcare site, stealing 68,000 records containing information about patients and doctors.
Dr Reddy’s Laboratories and Lupine reported cybercrime incidents in 2020 that affected several internal IT systems. This led to thousands of patient data being leaked and made available online. Ransomware affects healthcare the most out of all industries, as it can seriously damage a company’s reputation and ultimately affect its ability to provide care.
3.Government/Military sector:
Defenders of the Nation – The military industry has also been hit by malware in India. In June 2021, a Chinese state-backed hacking group targeted Indian defense research and other Indian organizations.
This was not the first time the Chinese attacked Indian defense/government systems. In 2008, Indian government officials told the Times of India that Chinese hackers were trying to break into servers every day – this included target such as the National Information Centre, the National Security Council and the Ministry of External Affairs. Such cases conclude that India still has a long way to go compared to the cyber capabilities of other developed countries.\
4.Banking sector:
The banking industry also faces attacks and can be the most devastating as the most dangerous attack can wipe out the entire bank balance. One of the biggest cases was in 2018 when Cosmos Bank was targeted. During the attack, the hackers siphoned off Rs 94.42 crore. Hackers hacked into the bank’s ATM server and took all the card details and wiped money from 28 countries and immediately withdrew the amount as soon as they were informed.
In same year 2018, Canara Bank ATM servers were targeted. According to sources, more than 300 users’ ATM details were hacked by attackers and Rs 20 crore was wiped from various bank accounts.
Another instance was when researchers reported on September 22, 2021 that Android phone banking customers in India were targeted by the Drinik banking trojan. The malware stole users’ personal information and funds using phishing techniques. They show that this requires an urgent solution, where financial institutions and banks must work on security.
5.Software Publishers:
These software vendors are also vulnerable to malware attacks and one such case in India was when Nucleus Software Exports, an Indian company that provides lending software to banks and retail stores, suffered a huge ransomware attack that not only crippled some of its internal networks but also breached its encrypted sensitive business information.
The incident occurred in May 2021, when the malware involved was ransomware, identified as Black Cocaine, but more commonly known as Epsilon Red. This shows how security systems need to be improved as a ransomware gang was able to infiltrate a major financial software vendor.
MEASURES TO PREVENT CYBER ATTACKS:
- One of the most effective ways to protect against cyber-attacks and all types of data breaches is to train employees in cyber-attack prevention and inform them about current cyber-attacks.
- Cyber-attacks often occur because systems or software are not fully up-to-date, leaving vulnerabilities. therefore, keep the software and systems fully up-to-date.
- Placing the network behind a firewall is one of the most effective ways to defend against any cyber-attack. A firewall system will block any brute force attacks on the network and/or systems before they can cause damage.
- In the event of a disaster (often a cyber-attack), there is a need to have the data backed up to avoid serious downtime, data loss, and serious financial loss.
- It is important to control who has access to the computers. Having a perimeter security system installed is a very good way to stop cybercrime as well as burglary!
- Endpoint protection protects networks which are remotely bridged to devices. Mobile devices, tablets and laptops that are connected to corporate networks provide access routes to security threats. These paths needs to be protected with particular endpoint protection softwares.
- A separate login for each employee will help reduce the number of attack queues.
- Managed admin rights and blocking the employees from installing or even accessing certain data on the network is beneficial for the security.
- Setting different passwords for each app is a real benefit to the security, and changing them frequently will maintain a high level of protection against external and internal threats.
Apart from the above,
The government has also taken a number of measures to improve its cyber security posture and prevent cyber-attacks, including regularly issuing alerts and advisories on the latest cyber threats and vulnerabilities, and counter different measures to protect computers and networks.
REFERENCE LINKS:
https://economictimes.indiatimes.com/topic/cyber-attack-on-indian-companies
https://www.nibusinessinfo.co.uk/content/impact-cyber-attack-your-business
https://leaf-it.com/10-ways-prevent-cyber-attacks/
https://heimdalsecurity.com/blog/companies-affected-by-ransomware/
*****
-JINAL JAIN,
CHENNAI
Author Bio
