TheNFAPost Podcast
3

Massive digitisation has made Indian enterprises an attractive target for cybercriminals

Bengaluru, NFAPost: Global cyber security majorK7 Computing’s Cyber Threat Monitor Report, a deep and comprehensive analysis of the cyber threat landscape in India, reports a sudden increase in ransomware attacks targeting Indian enterprises during Q1, 2020-21.

The report analysed various cyberattacks during the quarter and found that threat actors are increasing the frequency of their attacks with new and sinister strategies. The increase in frequency of attacks in the country has been enabled by ransomware operators offering ransomware as a service to cyber attackers.

The report reveals that modern ransomware operators have transformed themselves into businesses and are extremely focused on their targets and attacking strategies. Threat actors now operate like high-end software enterprises offering Ransomware as a Service (RaaS).

Customised attacks

Modern RaaS solutions come with high-end tools like a dashboard to display attack status in real time, customer helpline, and more. Threat actors are also increasing their advertisements on the dark web, offering a variety of customised attacks.

The K7 Q1, 2020-21 Cyber Threat Monitor Report discloses a 4% increase in the infection rate across the country. Malware in the form of ransomware, Remote Access Trojans (RATs) and Banking Trojans have been on the rise during the quarter.

The report also found that Chennai, Pune, Ahmedabad and Hyderabad recorded the highest rate of infections amongst Tier-I cities; Guwahati, Jaipur and Jammu had the highest infection rate of 38% each followed by Patna at 35% amongst Tier-II cities.

Exploit vulnerabilities

These attacks were designed to exploit user trust and scam people for financial gain. Threat actors have continued to exploit vulnerabilities in operating systems, application software, and firmware in this quarter. Zoom and Microsoft Teams were the most at risk. Apart from this, hackers have also taken advantage of salient weaknesses in Windows, Android, iOS, and IoT devices.

Commenting on the findings, K7 Computing Founder & CEO J Kesavardhanan said it is an area of significant concern for the country during this critical situation.

“Cyber attackers have been shifting their aim towards the enterprise market, exploiting the lack of cybersecurity awareness amongst start-ups and SMEs. It is not only a major threat to businesses but also to consumers who are dependent on the internet,” said K7 Computing Founder & CEO J Kesavardhanan.

Phishing attacks

K7 Computing Founder & CEO J Kesavardhanan also pointed out that cybercriminals are getting smarter and cyberattacks are becoming more sophisticated.

“Be it malware, data loss, or hacking, netizens and especially enterprises are at greater risk of becoming victims of cybercrime than ever before. We are also witnessing an increase in phishing attacks due to the panic caused by COVID-19 and offices transitioning their workforce from centralised secure hubs to remote workstations at home,” said K7 Computing Founder & CEO J Kesavardhanan.

K7 Computing Founder & CEO J Kesavardhanan said phishing attacks are challenging for small- and medium-sized businesses that don’t have a full-time IT security professional to monitor and enforce adequate protection.

Other Key Findings from the Study

Vulnerabilities Galore

·         Threat actors often invest a considerable amount of time in finding unknown vulnerabilities in software and hardware

·         A partial path traversal vulnerability CVE-2020-6110 was noticed in the Zoom client

·         Critical vulnerability CVE-2020-11470 in the Zoom app allows an attacker to take control of the victim’s microphone and camera without notifying them

·         A vulnerability in Microsoft Teams allows cybercriminals to use a malicious GIF to sweep up the user’s data and take over an organisation’s Teams accounts

SMB Vulnerabilities

·         Two new vulnerabilities were detected in Microsoft’s Server Message Block (SMB) protocol

·         The vulnerability could achieve remote code execution by combining with the SMBGhost vulnerability, thereby exploiting all systems running on Windows 10 and Windows Server.

Danger in the Internet of Things

·         Vulnerability in the authorisation controls of the Cisco IOx application allows a remote attacker to execute commands without proper authorisation

·         Researchers also found out two vulnerabilities in a TCP/IP software library developed by Treck, out of which CVE-2020-11896 could affect any device running on Treck with a specific configuration

Mobile Devices

·         Adversaries are not only relying on malvertising apps to monetise their efforts but are also developing Trojans to deliver their malicious attacks

·         The proportion of adware and Trojans on the Android platform have swapped their positions in just over a year

·         The notorious Operation Cerberus banking Trojan was seen primarily targeting Indian banking users

Mac

·         Adversaries are constantly developing malware to attack individual macOS powered machines or networks to make money, accumulate sensitive financial information, or mine cryptocurrency

·         Q4, 2019-20 witnessed a 7% increase in Trojan attacks compared to Q3, 2019-20. The surge continued in Q1, 2020-21 with a growth of 11% in comparison to the prior quarter

·         A large variety of Potentially Unwanted Programs (PUPs), many belonging to the keylogger or activity monitor category, were found during the quarter

K7 Computing is a global provider of leading IT security solutions for enterprises and consumers. Incorporated in 1991, K7 Computing has its registered office in Chennai and a strong presence in all Indian states. With more than 20,000 channel partners, K7 Computing is protecting more than 25 million customers worldwide against the threats to their IT environment. 

Indigenous products

K7 Computing has always believed in offering completely indigenous security products to its users worldwide. The recent notification from the Indian Ministry of Electronics and Information Technology (MeitY) on procurement of 100% indigenous cyber security products establishes K7 Computing as the only Indian player to comply with the Public Procurement Order 2018 for Cyber Security Products. 

The company was accepted as the first Indian anti-virus company in Japan, partnering with Source Next to distribute K7 Total Security under the name ‘Virus Security Zero’.

Source Next Corporation is Japan’s top-most domestic PC software seller with access to more than 25,000 retail shelves across the country. The widely acclaimed product commands a major market share in the retail segment in Japan. K7 Computing has been certified with ISO 9001:2015 & 27001:2013 for Quality & Risk Management.

LEAVE A REPLY

Please enter your comment!
Please enter your name here