Cyber security attacks and breaches in the country may have jumped by as much as 500% since the lockdown was first announced in March, according to security experts.
Internet service providers ET spoke with said they receive cyberattack alerts from corporate clients almost every alternate day compared with an average of once a week before lockdown was announced as part of measure to contain the spread of Covid-19.
“There could be as much as a 500% increase in cyber security incidents since March. Most of the attacks are below the radar and include attacks on small companies, money lost, phishing,” said Pavan Duggal, a Supreme Court advocate and cyber law expert.
Duggal said the government needs to formulate cyber security laws and create a stringent regime for intermediaries under the IT Act.
According to a cyber security expert, the government has also broached the issue with third-party consultants and discussed steps needed to be taken. This becomes important given that last week, the Indian Computer Emergency Response Team (CERT-In), the government’s nodal cyber security agency, had put out an advisory against possible phishing attacks.
Experts said the there was a marked increase in phishing attacks. Phishing is of two types–one which is targeted at selected individuals, called spear phishing, who may be of high net worth, while the other is done at a mass scale.
“There has been a 3x-4x increase in phishing over mass scale since December,” said Suman Kar, CEO for Banbreach, which provides cybersecurity consulting services.
Anticipating a flurry of cyberattacks, telecom and the internet services providers have been on alert.
Bharti Airtel recently upgraded its security operations centre to a higher threat-level status for the next 5-7 days in the wake of cyberattacks.
“We have come across media reports on the potential surge in cyberattacks, such as DDoS, Malware attacks, and defacement of websites. We have also witnessed an increase in such cyber activity during our security operations,” Airtel said in a recent communication to its enterprise customers in India. “These attacks threaten to not only disrupt critical business operations but also impact your brand’s reputation.”
Rajesh Chharia, president of Internet Services Providers Association of India (ISPAI), said, “The infrastructure needs to be better prepared. Every alternate day we get a call from a customer saying that the internet is choked, that there has been an attack. Before Covid, this used to be at most once a week affair.”
Leave a Reply