Cyber criminals reach every corner of India

May 02, 2011 |

Vinay Madhav

Bengaluru

Tags:

Cyber crime

cybercrime - Illustration - P.K. Job.jpg.crop_display.jpg

With increasing social networking and mobile computing, India’s vulnerability to cyber crime has increased.

Shockingly, about 35 per cent of spam in Asia Pacific Japan (APJ) zombies are attributed to India and 11 per cent of phishing hosts in APJ were located in India.

Even worse is that 14 new zero-day vulnerabilities, which played a key role in targeted attacks, including Hydraq and Stuxnet, were found in India during 2010, while mobile vulnerabilities witnessed an upsurge to the tune of 42 per cent.

These were the findings of Symantec, in its Internet Security Threats Report (ISTR) for 2010.

“The growing prevalence and capabilities of the most visible cyber events in 2010 are Stuxnet and Hydraq, which have turned the focus on protecting business and critical infrastructure. As India is rapidly taking to mobile computing and social networking, it needs to be watchful about the vulnerabilities and threats these platforms present,’’ said Mr Shantanu Ghosh, Vice President of Symantec.

According to the report, the cyber criminals launched specific attacks against a diverse collection of publicly traded multinational corporations and government agencies in 2010. In many cases, the attackers researched key victims within corporations and then used tailored social engineering attacks to gain entry into the victims’ network.

Removable Drives And Critical Infrastructure:

The analysis of attacks on critical infrastructure has exposed the fact that Indian enterprises lack basic security software and have lax signature updates. The report pointed out that India was home to the third highest Stuxnet infections after Iran and Indonesia.

Stuxnet targeted sensitive information by exploiting a zero-day vulnerability in order to infect machines through removable drives. The high rate of Stuxnet infection in India can be attributed to the large number of computer users in the country relying on removable media like CD, flash drive for copying data and so on.

Stuxnet and Hydraq represent true incidents of cyber warfare and have fundamentally changed the threat landscape. The nature of threats have expanded from individual bank accounts being targeted to targeting information and the physical infrastructure of nations, like power supply, nuclear power stations and so on.

Mobile threat landscape:

The Symantec report noted that the Indian major mobile platforms are becoming ubiquitous enough to attract the attention of attackers. Symantec documented 163 vulnerabilities during 2010 that could be used by attackers.

Post new comment

<form action="/comment/reply/71391" accept-charset="UTF-8" method="post" id="comment-form"> <div><div class="form-item" id="edit-name-wrapper"> <label for="edit-name">Your name: <span class="form-required" title="This field is required.">*</span></label> <input type="text" maxlength="60" name="name" id="edit-name" size="30" value="Reader" class="form-text required" /> </div> <div class="form-item" id="edit-mail-wrapper"> <label for="edit-mail">E-Mail Address: <span class="form-required" title="This field is required.">*</span></label> <input type="text" maxlength="64" name="mail" id="edit-mail" size="30" value="" class="form-text required" /> <div class="description">The content of this field is kept private and will not be shown publicly.</div> </div> <div class="form-item" id="edit-comment-wrapper"> <label for="edit-comment">Comment: <span class="form-required" title="This field is required.">*</span></label> <textarea cols="60" rows="15" name="comment" id="edit-comment" class="form-textarea resizable required"></textarea> </div> <fieldset class=" collapsible collapsed"><legend>Input format</legend><div class="form-item" id="edit-format-1-wrapper"> <label class="option" for="edit-format-1"><input type="radio" id="edit-format-1" name="format" value="1" class="form-radio" /> Filtered HTML</label> <div class="description"><ul class="tips"><li>Web page addresses and e-mail addresses turn into links automatically.</li><li>Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd></li><li>Lines and paragraphs break automatically.</li></ul></div> </div> <div class="form-item" id="edit-format-2-wrapper"> <label class="option" for="edit-format-2"><input type="radio" id="edit-format-2" name="format" value="2" checked="checked" class="form-radio" /> Full HTML</label> <div class="description"><ul class="tips"><li>Web page addresses and e-mail addresses turn into links automatically.</li><li>Lines and paragraphs break automatically.</li></ul></div> </div> </fieldset> <input type="hidden" name="form_build_id" id="form-6b30d7b583e6602035b80612107fd58c" value="form-6b30d7b583e6602035b80612107fd58c" /> <input type="hidden" name="form_id" id="edit-comment-form" value="comment_form" /> <fieldset class="captcha"><legend>CAPTCHA</legend><div class="description">This question is for testing whether you are a human visitor and to prevent automated spam submissions.</div><input type="hidden" name="captcha_sid" id="edit-captcha-sid" value="85772623" /> <input type="hidden" name="captcha_response" id="edit-captcha-response" value="NLPCaptcha" /> <div class="form-item"> <div id="nlpcaptcha_ajax_api_container"><script type="text/javascript"> var NLPOptions = {key:'c4823cf77a2526b0fba265e2af75c1b5'};</script><script type="text/javascript" src="http://call.nlpcaptcha.in/js/captcha.js" ></script></div> </div> </fieldset> <span class="btn-left"><span class="btn-right"><input type="submit" name="op" id="edit-submit" value="Save" class="form-submit" /></span></span> </div></form>