Indian companies are increasingly becoming a target for cyberattacks

As India’s digital footprint grows, the need to address cyber threats has become more critical than ever. While the pandemic has accelerated digital transformation across India, it has also accelerated the need to protect a vastly different IT environment where millions of new devices and users are connected virtually. This evolution of digital connectedness brings unprecedented opportunities for employees to collaborate digitally like never before, and to maintain business continuity. However, with this transformation comes a new paradigm of digital risk that puts organisations and individuals in a more vulnerable state than enterprises have ever seen previously, based on the omnipresent threat of malicious attackers and privacy breaches.

Over the last three decades, India has emerged as a major business and IT outsourcing hub, catering to international markets across industries. The exponential growth in the digitaliastion of services, both public and private, has increased the overall attack surface of the country. As per recent data from CERT-In, India witnessed a 300% increase in the number of cyberattacks in 2020 over 2019. This indicates a tremendous increase in the sophisticated phishing and malware attacks against enterprises and critical infrastructure organizations in India, as well as a level of unpreparedness to protect against attackers who move quickly and are often undetected by traditional security tools.

Another dynamic contributing to the current climate is, the digital reforms in India have not been sufficiently backed by an upgrade in the overall cybersecurity infrastructure. As India gains prominence in the geopolitical and international arenas, it is increasingly becoming a lucrative target for state-sponsored and financially motivated threat actors.

India: Facing a challenging cyber landscape

Recent data breaches at several IT, Fintech, and consumer-facing organizations in India have put a sizeable question mark on the state of cybersecurity in India. Adding to the broth is the rising geopolitical tension between India and its neighbours, which has also lead to an increase of state-sponsored cyber attacks.

India is not exempt from cyber warfare as is evident from the attack believed to have been launched at India’s critical infrastructure by the Chinese state-sponsored actor, dubbed RedEcho. Suspected to be an attempt at cyberespionage and service disruption, the threat group targeted 10 power sector organizations, four of which included Regional Load Despatch Centres. Consider a situation where major disruption is carried out by threat actors targeting the power industry and emergency services at a time when the country is already reeling under the second wave of the Covid-19 pandemic. The consequences of such an attack can be extremely devastating.

As workforces become more distributed and remote, the threat landscape has not only widened but become far more complicated. Ensuring the security of individuals and organisations is becoming one of the top priorities in the digital world, as the traditional approach to security no longer seems enough. A remote workforce comes with myriad dangers, with employees relying on their home networks – and sometimes their own devices for work. Ransomware attacks and data breaches have become even more pervasive – and effective during the course of remote work.

Rethinking cybersecurity in a virtual world

Organizations in India have largely focused their security strategies on achieving bare-minimum regulatory compliance. Furthermore, they are working out of their own silos, unlike their western counterparts who have moved toward a collective defense strategy in countering cyberattacks.

A collective defense strategy entails organisations from all economic sectors joining hands with each other through real-time strategic and tactical information sharing over secured mediums. This empowers organizations to identify the attacker’s footprints, also known as threat indicators of compromise or IOCs in security parlance, and immediately share such intelligence with their counterparts and prevent the attack from having a widespread impact.

In the new normal, not just work-from-home, activities like shop-from-home, learn-from-home, etc have seen a rise, due to the low-touch economy. With home becoming a base camp for many day-to-day activities, actionable threat intelligence must be delivered to end-users to ensure robust security. Organizations should streamline their investments towards cybersecurity and organize cybersecurity awareness programs. The combination of innovation and education will be crucial for cybersecurity in the near future.

Way forward: Focus on information sharing

The recent cybersecurity Executive Order (EO) by US President Joe Biden has strongly emphasized achieving end-to-end information sharing between the private and public entities in the United States. The EO has come at a time when the US is witnessing an increasingly high volume of sophisticated cyberattacks targeting their critical infrastructure assets. A similar situation has started to emerge in India wherein attacks on critical infrastructure assets in financial services, the energy and power industry, IT companies, and public utility sectors have only increased over the last few years. The Government of India must adopt a similar approach, tailored to the Indian interests, and mandate real-time threat intelligence sharing between all private and public entities.

As security has undergone a shift in the last year, enterprises post-pandemic will need to revisit and rethink their cybersecurity strategies. The new National Cyber Security Strategy, which is currently under works, must lay the foundation for a proactive security strategy and move toward formulating a collective defense with all Indian stakeholders involved. Such a security strategy won’t only promote a healthy collaboration between organisations in India but would also act as a potent force in gradually scaling up their security maturities as they share threat intelligence and learn from each other.

This article has been written by Akshat Jain, CTO and Co-founder, Cyware