Restructuring of networks amid pandemic made India vulnerable to ransomware

The sudden rush to provide remote access to employees by restructuring network and security systems during the lockdown made India vulnerable to ransomware attacks in the third quarter of current year, according to cyber security firm Check Point Software Technologies.

Due to the immediate push, several IT companies were unable to scale up their cloud security postures which led to increased opportunity for cyber criminals to carry out attacks, Check Point Software Technologies India and SAARC Managing Director Sundar N Balasubramanian told PTI.

According to the company’s research, India was ranked second after the US among the top 5 countries most affected by ransomware attacks in the third quarter.

Sri Lanka, Russia and Turkey were at third, fourth and fifth position, respectively, in the list of most affected countries by ransomware attacks.

In a survey by Check Point, 71 per cent of respondents globally, including in India, reported an increase in cyberattacks during February-March 2020, and 95 per cent said they faced added IT security challenges with provision of large-scale remote access for employees and managing shadow IT usage.

“The pandemic outbreak resulted in lockdown restrictions being imposed, and working from home became a way of life for most employees. Organizations in India found themselves having to restructure their network and security fabrics overnight, compressing several years’ worth of IT changes into just a few weeks,” Balasubramanian said when asked about the reason for increase in cyberattacks in India.

He said that in the rush to enable remote access, many companies allowed connectivity from unmanaged home personal computers that often lacked basic cyberhygiene such as updated software patches, anti-malware, among others. Even personal mobile devices were allowed access to networks.

“In addition, many Infosec (information security) and DevOps (development and operations) teams rushing to the cloud did not scale their cloud security postures to the level of their traditional data centres. All this resulted in increased opportunities for cyber criminals to carry out…


India Inc third most targeted by malware attacks after US and Japan, report

Companies in India faced the third highest number of malware attacks after the US and Japan between March and December quarters, according to the latest cyberthreat report by Acronis, a Switzerland based IT and cybersecurity company. A total of 1168 malware attacks were detected per 1000 clients in a month in India during this period.

India also recorded the highest rates of video conferencing attacks with 66% of local companies being targeted by them, while 62% said they were overwhelmed with phishing attacks.

Around 56% of the companies reported a significant increase in IT expenditure to prevent the attacks. According to the report, the increase was twice the global average.

Several Indian organisations including Indian pharmaceutical company Dr Reddy’s, which is working on Russia’s Sputnik V covid-19 vaccine, was hit by a malware attack in October. Edtech firm Whitehat Jr and grocery e-tailer Bigbasket also reported data breaches recently.

“Year 2020 posed a tremendous number of challenges to IT professionals, organizations, and the service providers who support them. What we’ve seen is how quickly bad actors are adjusting their attacks to the new IT landscape,” Stas Protassov, co-founder and Technology President, Acronis, said in a statement.

Further, the Acronis report shows that ransomware detections in India increased by 7.8% in the September quarter alone.

Ransomware attacks have increased since the pandemic as per various other cybersecurity firms. Check Point Research detected a 50% increase in daily average of ransomware attacks in India in September quarter as compared to the first half of 2020. US with 98% increase in attacks was the only country that was ahead of India.

“When it comes to existing solutions and strategies, the current trends in cyberattacks all show that traditional cybersecurity is failing – globally and in India, it’s usually because of weak technologies and human error, which are both avoidable,” Rajesh Chhabra, global business development leader of Inside Sales, Acronis said in a statement.

The report forecasts that attacks targeting remote workers are going to increase in 2021, ransomware attacks…


Why digital India is vulnerable to new age cyber attacks

Even as governments and economies are coming to terms with the new normal and gearing up for long term impact of the crisis, technology innovators have been working overtime to design solutions which could help retain operations and growth. Supported by government policies and innovations in emerging technologies like AI, ML, IoT etc., India has been steadily inching towards a technology enabled economy.

However, with the rise of connected devices, efficient internet penetration, and widespread digitisation of multiple sectors, including education, finance, healthcare, retail, and even agriculture and logistics, comes the threat of cyber-attacks which can cause not only monetary losses but compromise data privacy and put the economy and lives in danger. As of the first quarter of 2020, India already recorded a 37% rise in cyber-attacks. Risks like data leakage, connection to unsecured Wi-Fi networks, phishing attacks, ransomware, spyware, apps with weak encryption (also known as broken cryptography) are some of the common cyber threats plaguing us. IoT and connected devices have also reported increased cases of data breaches.

Being the second largest consumer for smart devices and a country with one of the largest base of internet consumers, India continues to remain a sitting duck, vulnerable to several national and international cyber-attacks. Some of the key reasons for this vulnerability can be listed as:

  • Outdated systems and processes: While we do enjoy smart personal devices, a large part of corporate and business technology systems continue to depend on outdated or legacy infrastructure, with poor or inadequate cyber security protection.
  • Accelerated digital adoption, over a short span of time: The widespread digital adoption across public and private sectors, has left little or no time for the proper development of a backend cyber security infrastructure, putting a large amount of data at risk.
  • Limited understanding about cyber security: The understanding of cyber security and its prevention continues to be limited to installation of antivirus and malware protection software on individual computers/ devices. Even as cyber-crimes are getting more and…


Quick Heal Internet Security Review