Cybersecurity in India: In its Security Endpoint Threat Report 2019, technology giant Microsoft revealed the cyberthreat in India. According to the report, India was among the countries having the highest encounters of cryptocurrency mining and drive-by download attacks in 2019. The findings were based on an analysis of various data sources, which include as many as 8 trillion threat signals that Microsoft receives and analyses every day. This analysis covered a period of 12 months, from January to December last year.
A company statement quoted Assistant General Counsel of the Microsoft Digital Crimes Unit in Asia region, Mary Jo Schrade as saying that with evolution in security defences, attackers rely on new methods of attacking. The company’s access to the trillions of threat signals every day gives it insight into how cyberattacks can be countered, she added. With this report, Microsoft aims to inform users and organisations about the changes in the threat landscape and help them improve their cybersecurity by mitigating the effects of the attacks that are becoming increasingly sophisticated.
Microsoft Security Report: Malware and Ransomware encounters in India
As per the report, Asia Pacific region experienced malware attacks at an encounter rate 1.6 times higher than the global rate, while the region witnessed ransomware attacks at a rate 1.7 times higher than the rest of the world.
Moreover, within the region, India was the seventh country to register the highest malware attacks, with an encounter rate of 5.89% in 2019, 1.1 times higher than the regional average. In terms of the ransomware attacks in the region, India stood at the third position with an encounter rate twice that of the region. This remained true even as the malware attacks decreased by 35% and ransomware attacks decreased by 29% in the last year.
Microsoft India’s Group Head and Assistant General Counsel of Corporate, External and Legal Affairs, Keshav Dhakad said in the statement that while the overall cyber hygiene in the country has taken a turn for the better, there is much that remains to be done. He added that typically, excessive use of unlicensed and/or software pirated and proliferation of sites that offer free software or content leads to high malware encounters. To prevent this, consumer education is important.
Cryptocurrency mining: India records second highest encounter rate in region
The encounter rate of cryptocurrency mining in India decreased 35% as compared to 2018, but still stood at a rate 4.6 times higher than the regional as well as global average, according to the report. The highest encounter rate in the Asia Pacific region was in Sri Lanka, which was the only country ahead of India.
In such attacks, cryptocurrency mining malware infects the computer, using which attackers can leverage the computing power of the victim’s computer without the victim knowing.
Dhakad said that even as the efforts of cybercriminals have been refocused to other areas of cybercrime, mainly due to the fluctuations in the value of cryptocurrency and the increase in time needed to generate it, the attackers still exploit users in areas where cyber awareness is low.
Drive-by download attack continued to remain high in India
According to the report, the volume of drive-by download attacks declined by 27% in the Asia Pacific region as compared to 2018. Such attacks are carried out by downloading malicious code into the computer of an unsuspecting user when they fill up a form or visit a website. The code is then used by the attacker to steal financial information or the user’s passwords.
Even though there was a general decline in the attack across the region, the report found an increase of 140% in these attacks. The report stated that along with important financial hubs of Hong Kong and Singapore, India witnessed an attack volume three times higher than the regional and the global average.
Dhakad said that the attackers use this attack technique to target end users and organisations with the purpose of stealing valuable financial information or intellectual property. This could be a reason why regional business hubs record the highest volume of such threats. He added that high rate of encounter does not mean that the infection rate is also high, since the use of genuine software and cyber hygiene prevent the systems from the attack.
Coronavirus pandemic and cybersecurity
Since the pandemic broke out, the data collected by the Microsoft Intelligence Protection team showed that every country had witnessed at least one attack themed around COVID-19. The report added that the volume of such attacks being successful is seemingly increasing in countries that have been hit by the pandemic, due to the rising fear and desire for information.
The report stated that among the millions of phishing messages sent worldwide every day, around 60,000 contain malicious attachments or URLs related to COVID-19. These attackers are pretending to be the World Health Organization (WHO), Centers for Disease Control and Prevention (CDC), and the Department of Health and entering into the inboxes of the victims, the report added.
Dhakad said that according to the tech giant’s data, the threats which have been themed around COVID-19 are mostly retreads of attacks that have been used previously, with only slight changes to link them to the pandemic. This translates to the attackers using their existing malicious infrastructure to capitalise on the pandemic-induced fear in the minds of the people.