Targeted attacks on the rise

by Sohini Bagchi    Jul 19, 2012

Security is no longer an ad hoc topic for enterprises in India. Rather it has become an integral part of their business culture. However, IT security issues continue to plague businesses and practically every other day, we come across security breaches.

A recent Symantec Intelligence report reveals that India is not only positioned higher than the global average as a target for spammers but is also the top source of spam globally, generating 15 percent of the total spam. There has also been an increase in the number of malware, phishing attacks and malicious websites in the first half of the year, reports Symantec.

According to CERT-In, which handles computer security incidents, some hacker groups are launching Distributed Denial of Service (DDoS) attacks on websites of government and private organisations in India. The attacks are being launched through popular DDoS tools and can consume bandwidth, requiring appropriate proactive actions in coordination with service providers.

Sector-specific attacks

There has been a rise in the number of targeted attacks as per the Symantec report. The report observed that globally the defence industry has been the biggest target of cyber attacks, with an average of 7.3 attacks per day. Apart from the government, intellectual property intensive sectors such as chemical, pharmaceutical and manufacturing are the top industries that experienced targeted attacks.

“Like any other business vertical, critical information assets in the defence, chemical and pharmaceutical industry are dispersed across the cloud, smart devices and social media, bringing new challenges in security,” says Shantanu Ghosh, VP and MD, Product Operations, Symantec India.
He adds that as these industries are IP sensitive, it makes them lucrative targets. Moreover, he observes that targeted attacks use social engineering and customised malware to gain unauthorised access to sensitive information.

Of the several targeted attacks, the Nitro attack, focused on the chemical sector, obtains sensitive documents such as proprietary designs, formulas, and manufacturing processes. Stuxnet, a computer worm, is designed to target industrial control systems and enable the attacker to program the equipment according to his intent.

Cybercriminals target intellectual property such as design documents, formulas, and manufacturing processes from compromised corporate intellectual property (IP). The attackers first research desired targets and then send emails specifically to the target. The report notes that the purpose of the attacks appears to be industrial espionage, collecting intellectual property for competitive advantage.

Countering security threats

Experts believe that there is a low level of security preparedness among Indian enterprises and sophisticated threats can be managed only by adopting a holistic security approach.
According to Ghosh, “Taking a comprehensive content-centric approach to protecting information is key in identifying and classifying confidential, sensitive data, knowing where it resides, who has access to it, and how it is coming in or leaving your organisation.”

Susanta Majumder, IT Secretary of the WB Government, believes that protection against complex threats should go beyond installing firewalls and antivirus. As part of a security preparedness plan, it is important to not only focus on the protection aspect but also take immediate action and follow up in case a data leakage occurs, so as to avoid the same mistakes. The state government has introduced a security preparedness program that covers aspects such as notification, use, access and data security.

“To create a more efficient enterprise, CIOs along with other key decision makers must create an action plan based on their current business requirement. It is important to have in place a security and risk committee for carrying out routine security processes to devote more time and resources to security innovation,” says Mukul Dixit, Senior VP, Projects at Jubilant Life Sciences.

Ghosh believes enterprises, especially in the targeted sectors, need to develop and enforce IT policies. By prioritising risks and defining policies that span across all locations, they can enforce policies through built-in automation and workflow to protect information, identify threats, and remediate incidents as they occur or anticipate them before they happen.