The 2020 Global Cyber Security Attitude Survey has found that India Inc is particularly threatened by cyber attacks originating from China and Pakistan due to rising geopolitical tensions.
As it happens, India has been the worst-hit by ransomware in the Asia Pacific region this year, with 74% companies coming under such attacks, compared to Australia (67%), Japan (52%) and Singapore (46%).
As per the global survey, carried out by US-based cybersecurity technology company CrowdStrike, more than a third of Indian companies have paid $1-$2.5 million as ransom to hackers in the last year.
Ransomware, general malware, phishing and password attacks were the major concerns for Indian outfits, with 90% of them threatened by e-crime and 77% concerned by hacktivists, followed by insider threats and threats from nation-states.
Nation-State attacks, a major cause for concern
Most disturbingly, more than half the number of companies surveyed opined that nation-state attacks are the biggest concern for them in the coming year
The respondents also felt most threatened by attacks originating from China (76%) followed by Pakistan (48%) and Russia (43%).
“As growing international tensions and the global election year have created a nesting ground for increased nation-state activity, organizations are under increased pressure to resume operations despite the increased value of intellectual property and vulnerabilities caused by Covid-19,” the survey said.
In general, 89% are fearful that growing international tensions (for instance, US-China trade war) are likely to result in a considerable increase in cyber threats for organisations.
Survey and its methodology
The study surveyed 2,200 senior IT decision-makers and security professionals during August and September 2020 across Australia, France, Germany, India, Italy, Japan, Middle East, Netherlands, Singapore, Spain, U.K. and U.S., drawing respondents from a wide range of industries. All respondents were from organizations with 250 or more employees and represent both private and public sector organizations.
“This year has been especially challenging for organisations of all sizes around the world, with both the proliferation of ransomware and growing tensions from nation-state actors posing a massive threat to regions worldwide,” said Michael Sentonas, chief technology officer, CrowdStrike.
He added: “Now more than ever, organisations are finding ways to rapidly undergo digital transformation to bring their security to the cloud in order to keep pace with modern-day threats and secure their ‘work from anywhere’ operations.”
Recently, in India, well-known e-grocer BigBasket was said to have suffered a data breach and various details of around 20 million users may have been leaked on the dark web. Data worth $40,000 was reportedly leaked.
Cyberattacks have been reported from companies like Truecaller, Dunzo, Unacademy, Naukri.com, Bharat Earth Movers Limited (BEML), LimeRoad and IndiaBulls.
Hacking was also reported at Paytm Mall, the e-commerce marketplace wing of Paytm. John Wick, the hacker group allegedly behind the breach, was also instrumental in hacking the Twitter account linked to Indian Prime Minister Narendra Modi‘s personal website and a mobile app.