As Cloud And IoT Devices Come Under Attack, India Needs To Wake Up To The Reality Of Cyber Threats

 

With the rise of cloud computing, the internet of things and the IoT edge devices, there are new potential threats in the industry. The cyber threat landscape is seeing a rise in Malware-as-a-Service and over the years, market researchers have predicted that there will be an unexpected rise in mobile malware, botnets, banking fraud, ransomware and attempts to bypass two-factor authentication. With corporate data moving into the cloud, cybersecurity companies have seen a significant spike in targeted attacks on a large amount of corporate data based in the cloud.

A recent report indicates that about 21% of the data, which includes intellectual property, customer and personal data, is now managed in the cloud. Cybercriminals are using various methods to target corporate data, particularly by targeting weak APIs or ungoverned APIs. A McAfee 2019 Threat report outlined a few scenarios which included cloud-native attacks targeting weak APIs or ungoverned API endpoints, exfiltration of data in cloud databases, and leveraging the cloud technology as a springboard to launch crypto jacking or ransomware attacks.

THE BELAMY

Sign up for your weekly dose of what's up in emerging technology.

The three key trends, as outlined by cybersecurity company emphasise how attackers are getting more sophisticated in the use of AI to help avoid detection by security software, particularly to automate target selection, or to check infected environments before deploying later stages and avoiding detection. In fact, the Threat report revealed that an entire underground economy has emerged, where criminals can now outsource products and dedicated services to aid their activities.

  • AI As A Means For Evasion: The accessibility of sophisticated technologies such as AI will enable cybercriminals to develop cyberattacks with increasingly sophisticated evasion techniques. By leveraging AI, cybercriminals have the ability to automate target selection, scan for target network vulnerabilities, understand the responsiveness of infected environments to avoid detection before deploying later stages of attacks
  • Similar Bot-enabled Social Media Attacks Can Be Repurposed: Close on the heels of US elections which were swayed by Russian hackers deploying bots, cyber experts believe a similar strategy can be deployed to amplify deceitful messaging. Following in the footsteps of recent infamous election campaigns which swayed public opinion, cybercriminals are more likely to repurpose bots and leverage social media to extort organizations by threatening their brands
  • IoT Attacks Via Tablets, Smartphones And Routers: The report underscores the rise in mobile malware which can infiltrate smartphones, tablets, and routers to gain access to the digital assistants and home IoT devices they control. Once infected, these devices will allow access to consumer homes while supplying botnets, which can further be used to launch DDoS attacks or gain access to personal data

Key Cybersecurity Challenges Faced By Indian Enterprises

India ranks 4 out of 10 in the list of most-targeted companies. Between April 2017 and January 2018, around 22,000 websites were hacked, Indian Computer Emergency Response Team revealed. A recent report by CERT indicated incidents of large-scale crypto-mining carried out through compromised routers that inject a cryptominer on the websites visited by the users. In other words, attackers are using the user’s resources to cryptocurrency without the user’s permission. Another news report indicated over 493 websites out of which 114 were government-run were also affected by malware in India.

According to Shree Parthasarthy, Partner, National Leader-Cyber Risk Services, Deloitte India, in the last few years, India has seen a marked increase in data breach incidents and cyber-attacks across sectors and company sizes. “Now that the data protection bill is about to be tabled in the Lok Sabha, strengthening cybersecurity capabilities has become the topmost priority for many organizations and their stakeholders,” he said. While leading enterprises are able to pre-empt the attacks through resilient security systems, startups and small organisations are exposed to cyber threats and loss of data. A NASSCOM report indicates that the size of the Indian security market is $953 and is expected to grow 2x by 2020.

Hackers are aware that small and medium-sized businesses invest little in beefing up their defence and improving the cybersecurity, which gives an easy opportunity for attackers to exploit. These data breaches can leave SMEs and startups exposed to ransomware attacks and loss of data. A recent report highlights that in the wake of cyber attacks in India, sectors such as e-commerce, government, defence and BFSI have become the key adopters of security solutions. In the last few years, over 50 Indian companies have set up base in India to develop cutting-edge security solutions and products.

 

More Great AIM Stories

Richa Bhatia
Richa Bhatia is a seasoned journalist with six-years experience in reportage and news coverage and has had stints at Times of India and The Indian Express. She is an avid reader, mum to a feisty two-year-old and loves writing about the next-gen technology that is shaping our world.

Our Upcoming Events

Conference, in-person (Bangalore)
Machine Learning Developers Summit (MLDS) 2023
19-20th Jan, 2023

Conference, in-person (Bangalore)
Rising 2023 | Women in Tech Conference
16-17th Mar, 2023

Conference, in-person (Bangalore)
Data Engineering Summit (DES) 2023
27-28th Apr, 2023

Conference, in-person (Bangalore)
MachineCon 2023
23rd Jun, 2023

Conference, in-person (Bangalore)
Cypher 2023
20-22nd Sep, 2023

3 Ways to Join our Community

Whatsapp group

Discover special offers, top stories, upcoming events, and more.

Discord Server

Stay Connected with a larger ecosystem of data science and ML Professionals

Subscribe to our newsletter

Get the latest updates from AIM