Cyberattacks from China concern for Indian firms in post-covid world3 min read . Updated: 18 Nov 2020, 03:38 PM IST
- As per the survey, in India, ransomware, general malware, phishing and password attacks are the major concerns for organizations, with 90% of them threatened by e-crime
NEW DELHI : The pandemic has led to rising concern over cyberattacks globally, with cyber security experts worried about ransomware, phishing and other similar threats due to the digital acceleration in recent months.
India has been the worst hit by ransomware attacks in the Asia Pacific region, with 74% companies targeted this year, compared to Australia (67%), Japan (52%) and Singapore (46%).
More than one-third Indian organizations have paid $1-$2.5 million as a result of malware attacks in the last year, according to the ‘2020 CrowdStrike Global Security Attitude Survey’ by US-based cybersecurity technology company CrowdStrike.
The survey found that in India, ransomware, general malware, phishing and password attacks are the major concerns for organizations, with 90% of them threatened by e-crime, 77% concerned by hacktivists, followed by insider threats and threats from nation states. In fact, more than half of the organizations feel that nation-state attacks will be the biggest concern for 2021.
Due to rising geopolitical tension, cyber-attacks originating from China are a huge concern for Indian organizations, with majority of the respondents feeling most threatened by those originating from China followed by Pakistan (48%) and Russia (43%).
“This year has been especially challenging for organizations of all sizes around the world, with both the proliferation of ransomware and growing tensions from nation-state actors posing a massive threat to regions worldwide," said Michael Sentonas, chief technology officer, CrowdStrike. “Now more than ever, organizations are finding ways to rapidly undergo digital transformation to bring their security to the cloud in order to keep pace with modern-day threats and secure their ‘work from anywhere’ operations."
Last week, online grocer Bigbasket suffered a massive data breach following which details of more than 20 million users may have been leaked on the dark web. Data worth $40,000 ( ₹30 lakh) was sold according to cyber-security firm Cyble Inc.
Pharma companies Dr Reddy’s Laboratories and Lupin have faced cyberattacks too. Globally, attacks on companies that are conducting clinical trials on covid-19 vaccines have been on the rise. In June, delivery startup Dunzo had experienced a data breach in which the personal details of more than 300,000 accounts were leaked. The breaches come at a time when the lockdown has increased online activity, leading to a proliferation in phishing attacks.
Globally too, nation-state activity continues to weigh heavily on IT decision makers, as 87% of respondents agree that nation-state sponsored cyber-attacks are far more common than people think. As growing international tensions and the global election year have created a testing ground for increased nation-state activity, organizations are under increased pressure to resume operations despite the vulnerabilities caused by the pandemic.
In the wake of these threats, cyber-security experts have accelerated their digital and security transformation efforts to address the growing activity from e-crime and nation-state actors. While spend on digital transformation continues to trend upward, the covid-19 pandemic accelerated the timeline for many organizations, costing additional investment to rapidly modernize security tools for the remote workforce.
Survey respondents in the Asia Pacific region said that the greatest challenge when hiring cyber security professionals is there is not enough talent available in the market. Half of the Indian respondents felt it is difficult to hire cyber security personnel for a remote work environment while 44% feel it is easier to outsource cyber-security services than direct hiring because of lack of talent in the market and high salary expectations.
As digitization continues to accelerate, the risk of ransomware only rises, so it is important for organizations to improve their security by moving their infrastructure to the cloud and remaining diligent in their incident detection, response and remediation practices. According to data, ransomware attacks are surging, occurring as frequently as every 15 seconds and causing more than $11 billion in damages annually. According to Gartner, more than 50% of breaches are undetected for multiple months, which can lead to unrecoverable data corruption.
“Ransomware has become more sophisticated, evolving from encrypting data to deleting backups to now extracting copies of data, which increases the potential damage to your organization," said Stephen Manley, Chief Technology Officer, Druva. “Combating these new malicious attacks requires a comprehensive solution. Now, customers can leverage multi-layered ransomware protection and recovery to defend against data loss, accelerate incident response, and simplify recovery, so they can reduce downtime."