Chief Information Security Officer
Cyber Security Attacks – Impacts – Solutions
Last updated on December 26, 2017
Potential Areas of Attacks
India holds a significant share of the digital and knowledge outsourcing market. In addition, India has embarked on a journey of digitization that is progressing at a rapid pace. A few examples are Aadhar, Digital locker, e-Hospital, e-Sign, Digitize India Platform, Next Generation Network, WiFi Hotspots, Digital payments, BHIM and Aadhar enabled payment systems (AEPS), etc.
Currently, India has 1 billion mobile users. In future, all our mobiles will become mobile ATMs. Just imagine the volume of data that will be used in transactions as mobile usage and apps increase. This will make India a data-rich country.
It will also make India one of the most preferred nations for hackers worldwide. As per a recent Symantec survey, India is one of the most vulnerable countries for cybersecurity breaches.
Cases of data breaches are under-reported in India due to the lack of mandatory legal requirements; developed countries (USA, Europe, Canada, Israel and Australia), however, have stringent legal requirements related to data security issues.
These statistics are giving jitters to all customers, their auditors and statutory bodies about protecting their environment and data if outsourced to vendors in India.
The sections below show how these cyber-attacks are playing out and impacting business.
The new breed of attacks includes Ransomware, WannaCry, Petya, Locky, Cerber, Bucbi, SharkRaas, Crypt XXX and SamSam.
- The Petya ransomware breach stopped Jawaharlal Nehru Port Trust operations, causing a huge loss of revenue and brand image for a public sector organization of India.
- The WannaCry breach extracted millions of users' data from the Zomato (Food Coupon) website, and a ransom of $1000 was paid.
- Passwords belonging to Uber engineers were stolen from the GitHub coding site and used on Amazon Web Services, where the company had stored the data. Hackers stole 57 million users' data, and Uber paid a huge price in restoring the data.
- Due to a delay in applying a patch (a vulnerability in Apache Struts), Equifax was attacked by hackers, who stole the data of 143 million customers. The US Homeland Security Computer Emergency Readiness Team (CERT) had alerted Equifax to the vulnerability one month ahead, but Equifax took its sweet time to update patches due to the large number of systems; hackers took advantage of this delay and did the damage.
This is a big opportunity for all IT & ITES organizations to provide cost-effective solutions that help customers safeguard their network and data. Service providers should make cybersecurity needs an integral part of policies and procedures to avoid serious damage to our reputation and business.
Security Information and Event Management (SIEM) must be implemented to receive alerts on potential threats before they turn into a big disaster. Publish the threat analysis reports to senior management for necessary action, and get a firm commitment to reduce possible threats and vulnerabilities (weaknesses).
Segregation of duties plays a crucial role when there are multiple environments: development, test, and production. Even if, due to budgetary constraints, a single person has to handle the development, test and production environments, that person's access should be approved by their supervisor on every log-in, or they should use different passwords for different environments.
Log-in webpages must carry out thorough input validation to avoid cross-site scripting and SQL injection. The password field must use a hashing algorithm so that passwords cannot be converted to plain text. Failure to do so may lead to a data breach.
The password hashing algorithms MD-5, SHA-3, and SHA-1/2 (Password + Salt) are not secure. The latest and secure algorithms used for password hashing are bcrypt and PBKDF2. Make sure that, by default, the system accepts only strong passwords during creation and modification (1 uppercase, one special character, and minimum 1 number).
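The log-in handling described in the two paragraphs above can be sketched as follows. This is an added example, not code from the article or from YASH; the table layout, function names and iteration count are assumptions, and PBKDF2 is used because it ships in the Python standard library.

```python
import hashlib
import hmac
import os
import re
import sqlite3

ITERATIONS = 200_000  # assumed work factor, not from the article; raise as hardware allows

def meets_policy(password):
    """The article's rule: at least 1 uppercase letter, 1 special character, 1 number."""
    patterns = (r"[A-Z]", r"[^A-Za-z0-9]", r"[0-9]")
    return all(re.search(p, password) for p in patterns)

def hash_password(password, salt=None):
    """Return (salt, key) from PBKDF2-HMAC-SHA256 with a random per-user salt."""
    salt = salt or os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt, key

def new_user_db():
    """In-memory table used only for this example (hypothetical schema)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT PRIMARY KEY, salt BLOB, pw BLOB)")
    return db

def create_user(db, username, password):
    """Store only the salt and derived key; reject passwords that fail the policy."""
    if not meets_policy(password):
        return False
    salt, key = hash_password(password)
    # Placeholders keep user input out of the SQL text (no string concatenation).
    db.execute("INSERT INTO users (name, salt, pw) VALUES (?, ?, ?)",
               (username, salt, key))
    return True

def check_login(db, username, password):
    """Re-derive the key with the stored salt and compare in constant time."""
    row = db.execute("SELECT salt, pw FROM users WHERE name = ?",
                     (username,)).fetchone()
    if row is None:
        return False
    _, candidate = hash_password(password, row[0])
    return hmac.compare_digest(candidate, row[1])

if __name__ == "__main__":
    db = new_user_db()
    print(create_user(db, "alice", "Str0ng!Pass"))  # constructed sample credentials
    print(check_login(db, "alice", "Str0ng!Pass"))
```

The database never holds the password itself, so a dump of the users table yields only salts and derived keys.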
Ransomware attacks are mainly due to phishing mails. So, don’t provide your credentials in mail pop-ups. Some hackers send mails with the same domain name, as if they were from our organization; never provide your credentials.
Due to the high possibility of cybersecurity breaches, our customers flood us with requests about the effectiveness of our business continuity and disaster recovery management process, mainly to ascertain how secure their network and data are. For this, we should share the necessary evidence to showcase process and implementation effectiveness and boost customer confidence levels.
We would suggest registering separately for each social media site instead of using Facebook and Gmail accounts, to avoid misuse of the same password across services by a hacker.
With new threats being unleashed every day, enterprises have finally realized the need for an effective tool to secure their IT assets. Integrated desktop and mobile device management is required to automatically patch Windows, Mac, and Linux endpoints and perform various other operations to secure your network against cyber-attacks.
Get more than what you think from your security solutions with YASH.
BHANU PRASAD K
Jan , 2018
Great analysis insights Sir!!