India Witnessed Spike in Cyber Attacks Amidst Covid-19 - Here's Why?
The COVID-19 outreach is turning out to be not only health, social, and economic hazard but also a cybersecurity crisis. The pandemic has presented new challenges for businesses in the areas of remote collaboration and business continuity.
With increased remote working for better business continuity, employees are using numerous Internet tools. As businesses and people have started relying more on technology and are busy fighting with the pandemic, the attackers now have plenty of options to target them more than ever.
Key Cybersecurity Crises in Numbers
According to ACRONIS Cyber Readiness Report 2020, 31% of companies worldwide are faced with at least one cybersecurity incident per day. However, India reported twice as many cyberattacks per day, where most of the cyberattacks comprise phishing, DDoS, video conferencing, exploiting weak services, and malware.
The phishing campaign is the most worrying attack as they attained the peak during this pandemic. Though malware hit fewer numbers, it remains a more critical issue in India – reports almost 2x times Malware issues than the global average.
Further, 39% of all organizations surveyed experienced video conferencing attack. Among them, India, Canada, Switzerland, and the UK are the most affected countries.
Coronavirus themed phishing emails and malicious websites claiming useful information on COVID-19 have emerged as the top threats to the companies. Also, 400,000 new ransomware assaults are recognized from April – June 2020 as per the report of Seqrite.
Most of these cyber-attacks were succeeded by obtaining access to a remote system by exploiting vulnerable services.
Why is India So Vulnerable to Cyberattacks?
Ignoring Internal Security Threats — Enterprises are more focused on guaranteeing business continuity with seamless operations than bridging the gaps in their remote infrastructure. If sensitive data flows between various departments without a proper monitoring and logging process, then it becomes tricky to identify the loopholes in case any attack happens.
Confronting External Threats — With the ever-increasing external threats, an organization can't be 100 % prepared. Only a few Indian companies maintain security measures in place like Web Application Firewalls to monitor external threats and stop cyberattack incidents as and when they happen.
Detectable Weak Points During Remote Work — The main weak points, which get exposed during the sudden shift to remote work include Weak Authentication Techniques, Insufficient Monitoring, and Exposed Servers (DNS, VPN, RDP, etc.)
Moreover, many employees usually ignore personal online security hygiene. With this 'work from anywhere culture,' employees begin to access their personal emails as well as social media sites on their official machine.
Overall, with the merging of the personal and work-life online, cyber-attacks can easily occur through unsecured personal accounts.
Missing Expertise in Cloud Technology — To ensure ease of accessing the data from any device and anywhere, many companies have adopted cloud technology.
However, they don't have adequate in-house resources to manage and protect APIs, SaaS, or containers. The increasing number of poorly configured cloud architectures will inevitably open doors for the attackers.
The Pandemic Landscape Demands Modern Protection
Here are the golden tips to keep you away from these recent cybersecurity incidents:
- Train your employees in security principles
- Be cautious with attachments, links, or text received via emails, especially with a subject line related to COVID-19
- Frame robust remote work policy
- Use only trusted sources like legitimate websites for up-to-date information
- Don't disclose your financial or personal information in an email or phone calls from unknown persons
- Encourage the use of office devices only for official purpose
- Don't reuse passwords between different accounts and applications
- Take data backups and store it separately
- Use multi-factor authentication
- Modernize your stack with Cloud-based WAF, such as AppTrana, a next-generation cybersecurity protection suite that includes vulnerability assessments, virtual patching, zero false positives, DDoS attack prevention, and many more features.
In the cybersecurity space, attackers lead the learning curve, with security professionals following the lead to boost preventive measures. However, with advanced technologies, this scenario begins to change.
The next-gen threat monitoring tools and predictive analytics go beyond the rule-based system and detect cyber risks, thereby flags potential threats in a secure and faster way.
With adequate nationwide cybersecurity awareness and robust policies in place, companies should be capable of battling cyber threats effectively in the future.