Symantec recently released the India findings of its annual Internet Security Threat Report. The 18th edition of the report observes that bot infections in India in the past one year have risen by 280 percent, when compared to the previous year.
According to the report, India accounts for nearly 15 percent of the global bot-net spam. It observes that most of this infection can be attributed to tier 2 cities such as Bhubaneswar, Surat, Cochin, Jaipur, Vishakhapatnam and Indore. While the number has gone down from 73 to 69, cities such as Kota, Ghaziabad and Mysore have got added to the list this year.
According to Anand Naik, Managing Director-Sales, India & SAARC, Symantec, the high level of bot infections in these locations can be contributed to the fact that while Internet adoption is on the rise – owing to increasing broadband penetration and easy availability of mobile devices with data connectivity, the level of awareness on Internet security is comparatively low in these regions.
Furthermore, the report also observes that SMBs are increasingly being targeted by attackers with 31 percent of all attacks globally being targeted at SMBs, a threefold increase over 2011. An indicator of this trend extending to India, is that small businesses received the highest number of phishing and virus-bearing emails. One in 661 emails was a phishing email for small Indian businesses and one in 248 emails carried a virus, while for larger Indian enterprises with 1,000-1,500 employees, one in 4,751 emails was a phishing email and one in 1,611 carried a virus.
SMBs according to the report, are attacked to steal customer data, intellectual property and bank account information. Explaining this trend Naik says that a major reason for attackers to go after SMBs is that the talent pool to manage security in these organizations is smaller and they lack the capability to invest extensively in security resources, while larger organizations have mature IT security practices, solutions and manpower in place. This makes SMBs an easy backdoor to large enterprises as many of them serve as suppliers or partners to bigger organizations.
It also talks about the rise in cyber espionage with a 42 percent increase in targeted attacks by organized criminals, with the global average number of targeted attacks per day in 2012 being 116, compared to 82 in 2011 and 77 in 2010. According to the findings of the report, majority of these attacks are targeted at knowledge workers.
The report also observes that presence of a large number of knowledge workers makes India, a potential target for attackers, with IT services featuring in the top list of industries targeted for spam, phishing and viruses. It estimates that India was home to 16 percent of viruses and globally, it ranked second for virus prevalence, just behind the United States. India also ranked third for overall malicious code.
“This year’s ISTR shows a clear focus among cybercriminals at targeting individuals, systems and organizations where the highest profits can be made,” said Naik. “India continues to rank high in the list for even the most basic threats, pointing to an urgent need for improved awareness levels and security measures, even as the country’s adoption of Internet and mobile technologies is on the rise.”
Finally, the report also observes that 68 percent Indians are addicted to their mobile devices and 72 percent of Indian businesses faced mobility incidents due to malware infections, spam incidents, exposures of information, breach of information due to lost/stolen devices and phishing/social engineering instances.