India, Now A Key Target For Cyber criminals

by Press Release    Nov 27, 2015


India is increasingly on the radar of cybercriminals from countries like China, Russia and the US, who are using advanced persistent threat (APT) attacks to steal data from consumers and enterprises, security software firm Kaspersky said today.

APT refers to a format where the attacker gains access to a network/device and stays there undetected for a long period of time. The motive of the attack is to steal data and there is damage over a longer term to the organisation/user.

“APT attacks are on the rise globally and those affecting India are also growing. These attacks are originating from China, the US and Russia among other countries. A major chunk of the attacks like Equation, Turla, Darkhotel, Regin, Cloud Atlas infected India as well,” Kaspersky Lab Deputy Director Global Research and Analysis Team Sergey Novikov told reporters here. He added that while there were three APT announcements in 2012, the number grew to seven in 2013, 11 in 2014 and 10 in the first half of 2015.

“As more and more devices get connected to the Internet, the level of sophistication of these attacks is also on the rise,” he said. Novikov said the line of distinction between state-sponsored cyber attacks and those by criminal gangs is diminishing as similar techniques often get used. “However, it is difficult to establish whether they are working together,” he added.

Stuxnet is a example of such attack. The malicious worm is believed to have been a jointly built American-Israeli cyber weapon to sabotage Iran’s nuclear programme. Rainer Bock, Head of Strategic Projects at the company said one could see more complex attacks going ahead, including state-sponsored ones. 

“Also, the vectors of attacks will evolve. From attacking devices, cybercriminals are now looking at networks and communication channels like WiFi, Bluetooth and 3G,” he added. Targets of these attacks are also evolving as newer devices like ATM and PoS machines, smart cities and connected cars are now on the radar, he said.

Another recent report security firm Norton said a large number of Internet users in the country don’t hesitate sharing their bank credentials with others. People also continue to download and install apps, music, and movies from unsafe sources - to save money - that is crippling their security and privacy.

“As more people come online, and access a smartphone for the first time, it has become more crucial than ever that they are aware of the security implications that these services and facilities come tied with. But as has been found, we continue to remain ignorant about the basics of how the Web works, and what these “smart” devices are doing behind the scenes,” it said.

The report showed that as many as 113 million users were affected by a form of online attacks in the past year. On an average, an affected individual loses roughly Rs. 16,000 dealing with the fallout of cybercrimes, and as many as 30 hours in the aftermath of such an attack.

“In the past year, 48 percent of India’s online population or approximately 113 million Indians were affected by online crime,” said Ritesh Chopra, Country Manager, India, Norton by Symantec. 

Experts believe while PM Narendra Modi-led Digital India initiative is an ambitious move, in which a number of crucial sectors of the economy embraces the Internet to foster growth, expansion, and accessibility, it also increases the risks of cyber threats.

As the cyber-security awareness and efforts continue to lag behind the curve, it is important that security vendors, and the government take proactive measure to prevent the country from various advanced cyber attacks.

(With inputs from agencies)