India’s cyber security game needs to improve and fast

India was the second most attacked country by cyber criminals after Japan in Asia Pacific in 2020.
India was the second most attacked country by cyber criminals after Japan in Asia Pacific in 2020.Caption: Getty Images
Published on

As India firmly finds its place within the digital era, it is time to up its defences in cyber space.

India seems to have entered a new age- the cyberage. Wide-spread internet and smartphone penetration, especially within the Tier 2 and Tier 3 cities along with the widespread digitalisation the country has witnessed since the onset of the pandemic have all contributed to India squarely entering a new cyber age.

India is now clocking around 100 million digital transactions a day with a volume of $67 billion.
India is now clocking around 100 million digital transactions a day with a volume of $67 billion.Courtesy: Getty Images

Of course, rampant digitalisation has not just meant more internet users, but also digital footprint. This included large number of e-commerce transactions, digital payments and money transfers. Data from the apex Reserve Bank of India (RBI) show that India is now clocking around 100 million digital transactions a day with a volume of $67 billion, about a five-times jump from 2016. RBI expects this to further grow five-fold to 1.5 billion transactions a day worth $200 billion.

The use of digital technology led to savings of nearly $23 billion, 98 per cent of this by eliminating erroneous beneficiaries. The advent of United Payment Interface (UPI), a real-time payment system developed by the National Payments Corporation of India and monitored by RBI has also changed the game for digital transactions.

Digital transformation across sectors such as manufacturing, education, healthcare, as well as government services and labour markets now has the potential to create $10-$150 billion incremental economic value by 2025.

99.4 per cent of Indian companies are categorised as MSMEs and are not aware of cyber risks and their potential to upend business.
99.4 per cent of Indian companies are categorised as MSMEs and are not aware of cyber risks and their potential to upend business. Courtesy: Getty Images

Securing cyber space

Of course, criminals too seem to have upped their cyber game. According to an IBM report released recently, India was the second most attacked country by cyber criminals after Japan in Asia Pacific in 2020. IBM Security X-Force observed attackers pivoting their attacks to businesses for which global COVID-19 response efforts heavily relied, such as hospitals, medical and pharmaceutical manufacturers, as well as energy companies powering the COVID-19 supply chain.

To quote the report, “India was the second most attacked country in the Asia Pacific. Attacks on India made up 7 per cent of all attacks X-Force observed on Asia in 2020. Finance and insurance was the top attacked industry in India (60 per cent), followed by manufacturing and professional services.”

The report also stated that ransomware was the top attack type, accounting for around 40 per cent of total cyber attacks. In addition, X-Force observed digital currency mining and server access attacks had hit Indian companies last year.

Breach, Breach, Breach

Another report by The Kaspersky Security Network (KSN) states that India has seen a 37 per cent increase in cyberattacks in the first quarter (Q1) of 2020. The report showed that its products detected and blocked 52,820,874 local cyber threats in India between January to March 2020. With more users getting connected to the Internet and entering the digital payments ecosystem, cyber fraud incidents may go up in 2021, researcher at cybersecurity firm warned. "As more options for digital payments are introduced, we can see more similar cases in the future," the company said.

And it’s not just funds that are being siphoned off.

Data is gold

In this digital era, data is the new currency and hackers and cyber criminals are targeting firms databases as much as they are targeting their wallets.

Earlier, this year, Greenbone Sustainable Resilience, a German cybersecurity firm reported that medical details of over 120 million Indian patients had been leaked and made freely available on the Internet.

Indian pharmaceutical company Lupin confirmed an information security incident that has affected multiple internal systems, while Dr Reddy’s confirmed a ransome ware attack. In November 2020, emerging e-commerce giant BigBasket's database was on sale for $40,000 in the cybercrime market.

The Kaspersky researchers also warned that as lockdown has made many micro, small and medium-sized enterprises (MSMEs) to go digital, they will have to take essential steps to protect their customers personal information. Any loopholes in the setups may provide attackers an opportunity to go after MSMEs, Kaspersky said.

Upping its cyber game

Companies in India largely tend to report cybersecurity incidents to regulators only where it is mandatory under applicable laws. Secrecy rather than reporting and remediation remains an issue in the event of data breaches. However, the upcoming amendments to the Personal Data Protection Bill 2019 (PDP) are expected to address most of these inaccuracies and discrepancies. However, India will have to come up with much stronger cyber security measures going forward and fast.

Related Stories

No stories found.

Podcast

No stories found.

Defence bulletin

No stories found.

The power of the quad

No stories found.

Videos

No stories found.

Women Leaders

No stories found.
India Global Business
www.indiaglobalbusiness.com