“India’s cybersecurity is ranked very low globally and even the budgetary allocations are below par.”
A well-planned cyber attack can cause power outages, air traffic chaos and can even shut down a nuclear reactor. Modern global warfare has taken an uglier turn in this information age. The malicious players sit far away from their victims and administer attacks and subdue them almost effortlessly. Cyberspace has emerged as a new playground for espionage. All one needs is a few dedicated hackers who can crawl for information stored on the enemy’s servers. Today, almost every organisation at some stage of technology adoption, including expanding its footprint on digital delivery channels. Be it core banking solutions, or digital delivery channels such as internet banking or mobile banking; there has been an unprecedented push for nationwide financial inclusion. COVID-19 worked as a catalyst by bringing more players into the market, making cyber attacks a commonplace.
In an interview with Analytics India Magazine, Sudeep Das of IBM Security Systems warned that the cybercriminals are capitalising the opportunity [pandemic] to launch novel attacks. They are using tactics from phishing campaigns and malicious domains to targeted malware and ransomware.
Last month Microsoft published a report about an ongoing investigation on Solorigate that rattled global cybersecurity systems globally. In the report, the companies said that the hackers could view source code in several source code repositories. The Solarwinds hack was so well-orchestrated that the hackers even managed to penetrate the secured servers of intelligence services too.
“There’s definitely a place for dark web monitoring, but most organisations don’t have the maturity level where they’re getting a good return on that investment.”Microsoft
According to estimates, the hackers sent its probes only into a few dozen of the 18,000 government and private networks they gained access via management software provider SolarWinds. The attack breached multiple layers of the supply chain to gain access to as many as 250 networks.
Telecommunications, energy, financial networks, transportation systems are usually more prone to cyberattacks. According to the Data Security Council of India (DSCI), cyberattacks can be carried out in a number of ways:
- Radio networks for GPS
Financial networks too are a major target. With rapid digitisation, attackers can put nations in jeopardy by breaching banks, stock exchanges, trading, online payment systems, and other transactions. The global Cybersecurity Index for 2018 ranks India at 47th place globally. India is the third-largest consumer of internet services only next to the US and China, and it is only obvious that Indian institutions and individuals are equally vulnerable to such major attacks. So, how well is India prepared?
Cybersecurity: An Indian Perspective
A look at a few popular recent attacks on Indian cyberspace:
- In July 2016, a phishing email sent to an employee at Union Bank of India, hackers accessed the credentials to execute a fund transfer, unsuccessfully swindling Union Bank of India of $171 million.
- The infamous Wannacry Ransomware attack even impacted servers in Indian states such as Andhra Pradesh and West Bengal.
- Popular online grocery service provider, Bigbasket faced a data breach by a group named “Shinyhunters” who reportedly have compromised the data of more than 2 million users.
- F&B giant, Haldiram’s were demanded $750,000 as part of a ransomware attack
- In May 2020, it was reported that data of 40 million Truecaller Indian users was reportedly put out for sale on the dark web.
Rising cyber threats after COVID-19, observes a Deloitte survey, pose serious concerns, especially for Indian banks. Globally, cyberattacks against financial institutions increased 238% during the pandemic between February 2020 and April 2020.
Citing IBM’s data breach report, Das revealed that the Indian companies incurred an average of ₹140 million total costs of a data breach in 2020, an increase of 9.4% from 2019. The top 3 root causes of data breaches were categorised as 53% malicious attack, 26% system glitch and 21% human error.
Most equipment and technology for setting up cybersecurity infrastructure in India are currently procured from global sources. So, these systems are vulnerable to cyber threats, just like any other connected system.
There is a great need for a robust Cyber Security Strategy in India that can enable resilience by establishing critical information infrastructure and crisis management. Countries which flaunt cutting edge cybersecurity usually are breeding grounds for startups. The government bodies can only go so far. Similarly, India too needs to nurture an ecosystem that incentivises more startup players to get into cybersecurity.
Andhra Pradesh, Telangana and Haryana have earmarked separate budgets for cybersecurity (e.g. 10% of state government IT spends) on setting up operation centres and other tasks. This is on par with Singapore that announced 8% to 10% of its IT budget on cybersecurity in line with similar practices in Korea (10%) and Israel (8%). Here are a few recommendations from the survey:
- India needs a Cyber Readiness Index to benchmark security practices in all states and UTs.
- India should play an active role in global cybersecurity dialogue.
- Additional budgetary allocations for states to account for cybersecurity.
ITU projects that there will be 70% Internet penetration by 2023 and the projected cybercrime cost will be an estimated $2 trillion. Fortunately, over the last decade, artificial intelligence and machine learning have emerged as key solutions to understand and predict the nature of these attacks.
Modern Day Solutions For Modern Day Problems
According to a report by Accenture, organisations spend more than 10 % of their IT budgets on cybersecurity programs on an average. And, 84% of organisations spend more than 20% of their cybersecurity budgets on tools that leverage AI, machine learning and RPA. Three years ago, only 41% of industry leaders were spending more than 20 per cent of their cybersecurity budgets on advanced technologies. Today that has doubled, to 82%.
For instance, Darktrace’s AI products are smoking out the dormant hackers who ride below the radar and evade detection. Founded in 2014, Darktrace, a global AI company for cyber defence, has been leveraging AI that is modelled on human immune systems — a digital antibody. Darktrace’s solution takes action against in-progress cyber threats, limiting damage and stopping their spread in real-time. The digital antibody intelligently generated measured and proportionate responses in case of a threat without impacting normal business operations.
“Global ransomware damage costs are predicted to hit $20 billion in 2021, up from $11.5 billion in 2019, $5 billion in 2017, and just $325 million in 2015.”Cybersecurity Ventures
Experts believe that machine learning can bridge the gap between automated threat detection and a security team’s response. A neural network can be trained on millions of legitimate and malicious files to predict and prevent future malware activity. So far, standard techniques like natural language processing (NLP)for text analysis along with regression models have come in handy. ML models are getting better with time, but the nature of attacks also evolve with time.
A successful malware attack can morph itself with the files in the system, making it undetectable even for state-of-the-art pattern recognition machine learning models. Furthermore, the attackers can deploy their own machine learning models that can trick the already in place systems into chasing their own tails.
For more resources for ML solutions in cybersecurity, click here.