Express Computer
Home  »  Guest Blogs  »  The age of vulnerability calls for urgent cybersecurity measures

The age of vulnerability calls for urgent cybersecurity measures

0 95

By Anshuman Sharma, Director – VTRAC, Cybersecurity Consulting Services, Verizon Business

India’s digital economy is outpacing advanced nations like the UK, Germany, and Japan, according to the State of India’s Digital Economy report. However, this digital revolution comes with a downside: a surge in cyberattacks. Consider this – India is among the top two most targeted nations for cyberattacks, and is the third-largest country for phishing attacks.
The impact and widespread scale of cybercrime is a grave reality for industries and lawmakers today, especially as the digital economy could account for 20% of the nation’s GDP by 2027. The recently published Data Breach Investigations Report (DBIR) 2024 throws a spotlight on the prevalence and rise of sophisticated cyber threats involving exploitation of system vulnerabilities, spear phishing, and impersonation attacks.

From digital extortion to espionage: How cybercrime is evolving in APAC & India
In March 2024, government and energy sectors found themselves under attack by threat actors, who infiltrated their systems using a phishing email supposedly from the Indian Air Force. Codenamed ‘Operation Flightnight’, attackers compromised the data and security of government entities including national defense organizations and gained access to confidential details of private energy companies including financial documents, employee details, and drilling activities. Such incidents of espionage are playing out at national and industry levels, but that’s not all.

Cybercriminals in India are casting a wide net for extortion targets, from CEOs of major corporations to teenagers’ prized gaming profiles. A recent DBIR report highlights this alarming trend, revealing a staggering 180% increase in hackers exploiting vulnerabilities, primarily through web applications. However, the report also identifies a critical vulnerability: human error. The human element, as always, remains a concern, accounting for 68% of breaches.

So who are the actors behind these attacks, and what motivates them? Financial gain remains the prime weapon of cybercriminals, with ransomware attacks extorting companies into hefty payouts. While internal actors have increased as players in data breaches, most involve careless mistakes rather than malicious intent. While insider threats are on the rise, most involve careless mistakes rather than malicious intent. The real eye-opener lies in espionage: a staggering 25% of breaches in APAC target sensitive data, compared to a mere 4-6% globally (2024 DBIR report). This suggests a much higher focus on stealing secrets in the region.

Exploitation of vulnerabilities – The newest and largest threat to Indian businesses
Indian businesses face a critical cybersecurity challenge: the rampant exploitation of system vulnerabilities. In the APAC region cyber criminals attacked servers to an extent of 100% in 407 instances, primarily through hacking and malware. These attacks overwhelmingly followed a predictable pattern – 95% involved system intrusion, social engineering, or basic web application attacks.

The delay in patching critical vulnerabilities is one of the major reasons for the spike in the exploitation of vulnerabilities. An analysis by CISA (Cybersecurity Infrastructure and Security Agency) revealed that, on average, it takes organisations 55 days to remediate only 50% of critical vulnerabilities, after relevant patches are deployed. This is not fast enough to prevent cybercriminals and threat actors who are constantly on the lookout for ways to exploit these vulnerabilities.

Cybersecurity needs to extend beyond organisational walls. A concerning 68% increase in breaches originating from vendor vulnerabilities highlights the need for robust third-party security protocols. Businesses must prioritize rapid patching, employee awareness training, and collaboration with vendors to create a more secure digital environment.

Building resilience in the face of rising threats
Organisations must have a layered approach to cybersecurity, including protection and detection at every level, from the user to the application, device, and network. A comprehensive five-part defense plan is called for that covers network and cloud security, network filtering, endpoint security, voice security, and expert consulting.

Recognizing the human element, businesses are also investing in employee awareness training. By educating the entire workforce, not just IT teams, organisations can significantly increase the detection and reporting rate of phishing attempts, strengthening the first line of defense.

Finally, given the prevalence of espionage-driven attacks, companies should scrutinize their third-party networks. Reviewing the security practices of suppliers, academic institutions, and research facilities helps to ensure sensitive information, especially those with national security implications, remains protected throughout the ecosystem.

Get real time updates directly on you device, subscribe now.

Leave A Reply

Your email address will not be published.

LIVE Webinar

Digitize your HR practice with extensions to success factors

Join us for a virtual meeting on how organizations can use these extensions to not just provide a better experience to its’ employees, but also to significantly improve the efficiency of the HR processes
REGISTER NOW 

Stay updated with News, Trending Stories & Conferences with Express Computer
Follow us on Linkedin
India's Leading e-Governance Summit is here!!! Attend and Know more.
Register Now!
close-image
Attend Webinar & Enhance Your Organisation's Digital Experience.
Register Now
close-image
Enable A Truly Seamless & Secure Workplace.
Register Now
close-image
Attend Inida's Largest BFSI Technology Conclave!
Register Now
close-image
Know how to protect your company in digital era.
Register Now
close-image
Protect Your Critical Assets From Well-Organized Hackers
Register Now
close-image
Find Solutions to Maintain Productivity
Register Now
close-image
Live Webinar : Improve customer experience with Voice Bots
Register Now
close-image
Live Event: Technology Day- Kerala, E- Governance Champions Awards
Register Now
close-image
Virtual Conference : Learn to Automate complex Business Processes
Register Now
close-image