In the wake of the ongoing COVID-19 pandemic, companies in India are reporting more cyberattacks than any other country in the world and 56% of them report their IT costs having increased significantly in the past months – exactly two times the global average.The report further highlights that 92% of the companies globally have adopted new technologies to enable remote work, including workplace collaboration tools, privacy solutions, and endpoint cybersecurity. The challenge for organizations is that managing the protection of data across the company network and all of those new devices using a stack of different solutions is expensive, time-consuming, and complicated. The lack of integration also creates gaps in the organization’s defenses that cybercriminals are exploiting.
The report further of Acronics reveals, that as hackers target remote workers, phishing, distributed denial of service (DDoS), and videoconferencing attacks are the most common tactics used. Below are some of the key findings,39% of global companies experienced a videoconferencing attack in the past three months as workers rely on apps like Zoom, Cisco Webex, and Microsoft Teams – India demonstrates the highest rates, with 66% of local companies reporting having encountered videoconferencing attacks. Malware attacks such as ransomware also have increased during the pandemic, with 31% of companies reporting daily cyberattacks and half (50%) being targeted at least once a week – India reported twice as many attacks as any other country, followed by the US and the UAE.
Secondly, the phishing attacks are occurring at historic levels, which is not surprising since the report found only 2% of companies consider URL filtering when evaluating a cybersecurity solution. That oversight leaves remote workers vulnerable to phishing sites – while 62% of companies in India report struggling with phishing attempts.
Humans are and always will be the weakest link in any corporate IT security system. The potential attack surface of organizations continues to expand, and the speed and sophistication of cyberattacks continue to make defending the network ever more challenging. With IT teams on constant alert, and much of their time spent putting out fires, it can be difficult for organizations to pause and look at the big picture. The motivation of threat actors has changed dramatically. In the early days, the primary purpose of viruses was mainly research. Later, they were used to disable computers and delete files. In general, hacking was more about fame and prestige than money. However, it is worrying that leveraging emails to distribute malware – a strategy first invented several decades ago – is still very effective these days.
Most of the time, cyberattack goals are about money. Most breaches today are driven by cybercriminals who steal sensitive information to sell on the Dark Web, or encrypt systems and ask for a ransom. As a result, hacking has become much more sophisticated and lethal. For example, more than half of all attacks are managed by cybercrime organizations that are better organized than most companies. They have CEOs, account managers, and dedicated call centers that support the victims in paying ransoms. They approach their work like any business, except that their revenue streams are stolen data and extortion. Their new Cybercrime-as-a-Service ecosystem is one of the biggest reasons why the cybercrime industry grows dramatically and generates more than one trillion dollars in revenue every year. I would say, it is an organised crime at different level.