AI and its
Future in India
AI has the potential to add US$957 billion to India's economy in 2035. Find out how.Find out more >
Even as innovations like the Internet of Things change the way we live, and businesses make use of technological advances like Artificial Intelligence to plot growth, an increase in cybercrime over the last few years threatens to derail everything.
It is for this reason that organizations and governments are now moving to invest time, money and resources into not just building cyber security systems to thwart individual attacks, but also to inculcate a culture of resilience.
As a concept, cyber resilience requires organisations to not just deal with threats to computer systems, but to understand the risks and thus effect measures that will ensure minimal disruption to operations and public trust.
India has already adopted legal and policy solutions to deal with cybercrime. However, as it marches into the digital future, its organizations and enterprises must look to execute bold measures to ensure they are ready for anything.
The practice of protecting computer networks against malicious attacks and/or adverse cyber events such as unauthorized access of computer systems.
Cyber Resilience (CR):
The ability of organisations to quickly recover and deliver intended results even when affected by adverse cyber events and/or malicious attacks.
In 2017, India’s National Crime Records Bureau (NCRB) reported a total of 12,187 cybercrime cases for the previous year. However, experts believe the figure accounts for a mere 1% of the actual total as cybercrimes in India are largely under-reported. The opinion is corroborated by other reports, including one which listed India as the country with the second-highest number of cybersecurity breaches in 2018, with more than a billion user records being compromised in one particular case.
According to these reports, the technology, media, telecommunications and financial services sectors are most hit by cybercrimes. And with increased digitization of systems and processes in India, it is believed the number of attacks affecting these sectors will rise further.
*Every second in real-time represents an hour in the infographics shown.
Hover over the spots to learn more about the cyber attacks
Local Infections occur when computers on a network system have been infected by viruses or malware (malicious software) due to a user’s negligence.
Web Threats are malware programs that target users while they’re on the internet.
Network Attacks can refer to methods or processes that maliciously compromise a user or an organization’s network security.
Vulnerabilities refer to flaws in an organization’s infrastructure or user’s system that leave it open to attacks.
Spam is anonymous, unsolicited bulk email.
Infected Mail contains a virus or malware in the form of attachments. Most infected emails are automatically sent by another user’s infected computer.
On-Demand Scans is the process of scanning data in a computer system, including files which are not being actively used.
Network Activity is captured and recorded information about a user or organization’s network traffic communication, and what sorts of data were communicated.
Bearing in mind evidence of the prevalence of cybersecurity breaches in India and the government’s decision to push ahead with new data protection laws to bolster existing enactments – like the Information Technology Act 2000 and the Information Technology (Reasonable Security Practices and Sensitive Personal Data or Information) Rules 2011 – it has become even more important for organizations to understand the risks they face.
These include, but are not limited to, data theft, compromised accounts, lost files, and disabled systems. In addition, organizations may face risks related to data management, IT program execution, technological operations and ineffective risk management.
The Petya ransomware outbreak, coming six weeks after the threat of WannaCry appeared to have disappeared, sent government agencies and businesses around the globe scrambling for solutions once again.
The attack, which was first detected in Ukraine, struck 64 other countries, with India reportedly the worst hit in the Asia Pacific region.
In the case of Petya, the MEDoc accounting software was used to drop and install the ransomware into computer systems. Files on a user’s infected system were encrypted, with victims ordered to pay ransoms in Bitcoin to recover file access.
Among the Indian organisations reportedly affected by the outbreak were the Jawaharlal Nehru Port Trust (JNPT) and APM Terminals Pipavav.
These arise from employee errors, systems failures, regulatory non-compliance and embezzlement.
One of the largest cyber attacks in recent years occurred in May 2017 when malware hit systems running the Microsoft Windows operating system. WannaCry effectively encrypted data on computers and held users at “ransom” until either payment was made or six months had passed.
WannaCry was spread via email and caused a user’s computer to instantly freeze upon download of an attachment. This was followed by a prompt for payment of a ransom of $300 in Bitcoin.
It was reported that more than 40,000 computers in India were affected by the attack. Among those hit were the Gujarat state government, which saw 120 of its computers affected, as well the Andhra Pradesh police department, which experienced attacks on 100 of its computer systems
These span money laundering, terrorist financing, fraud, bribery and corruption, market abuse and insider trading.
In August 2018, cyber criminals hacked into the systems of India’s Cosmos Bank and siphoned off roughly 944 million rupees ($13.5 million).
The attack was carried out through a unspecified malware injected into the bank’s automated teller machine (ATM) server, which carried out 14,849 transactions in just over two hours. Additionally, the hackers transferred 139 million rupees ($1.98 million) to a Hong Kong-based company’s account through the issuance of three unauthorized transactions via the SWIFT global payments network.
Cosmos Bank noted that the hackers had bypassed the main computer system, which enabled them to perform the fraudulent transactions.
Despite the threats and risks, Accenture’s 2018 State of Cyber Resilience report indicates that business leaders who know when and how to focus on innovation-led initiatives can achieve sustainability and build cyber resilient ecosystems for their organisations.
It is thus vital to nurture the right cultural conditions as well as to work effectively to adapt people and processes so that resilience can be built from the inside out. The key, the report indicates, is to realize that dealing with cyber attacks effectively is possible when enterprises recognize that developing cyber resilience is more a boardroom imperative than just an IT issue.
Accenture’s analysis from the report shows that if enterprises do this, within two to three years they can achieve a sustainable level of cyber resilience, with security embedded into the organizational fabric.
Safeguarding the future prosperity of organizations requires the adoption of bold measures. Here are five ways which can help:
Use intelligence and data to be pro-active – Develop strategies to detect attacks and threats before they hit.
Test resilience like an attacker – Enterprises must prepare by simulating malicious incidents with dedicated attack and defense teams.
Employ advanced technologies – Use automation and analytics to build robust defense systems.
Be brilliant at the basics – Organizations must seek to protect valuable assets from the inside out across the value chain.
Adapt the role of the CISO – Organizations must give birth to a new kind of CISO (Chief Information Security Officer) who is both business-adept and tech savvy to ensure the inculcation of a security-first organizational culture.
Digitization drives growth but also attracts its fair share of risks. By creating a roadmap for developing cyber resilience, organizations can gain ground on hackers, innovate and expand as well as win customer trust. While this may not eliminate the prospect of breaches totally, it will make defenses more comprehensive and will ensure sustainable cyber resilience.