69 Percent of Targeted Attacks in India Focus on Large Enterprises

Symantec Corp.’s Internet Security Threat Report (ISTR), Volume 19, shows a significant shift in cybercriminal behavior, revealing the bad guys are plotting for months before pulling off huge heists – instead of executing quick hits with smaller rewards. It underlines that attackers are unrelenting in their focus on large enterprises with over 69 percent or more than 2/3rds of the targeted attacks in India carried out on them.

New Era of ‘Mega Breaches’
“One mega breach can be worth 50 smaller attacks,” said Tarun Kaura, Director, Technology Sales at Symantec India. “While the level of sophistication continues to grow among attackers, what was surprising last year was their willingness to be a lot more patient – waiting to strike until the reward is bigger and better.”

Globally, there was a 62 percent increase in the number of data breaches from the previous year, resulting in more than 552 million identities exposed – proving cybercrime remains a real and damaging threat to consumers and businesses alike. The size and scope of breaches is exploding, putting the trust and reputation of businesses at risk, and increasingly compromising consumers’ personal information – from credit card numbers and medical records to passwords and bank account details. Each of the eight top data breaches in 2013 resulted in the loss of tens of millions of data records. By comparison, 2012 only had a single data breach reach that threshold.


“Nothing breeds success like success – especially if you’re a cybercriminal,” added Kaura. “The potential for huge paydays means large-scale attacks are here to stay. Companies of all sizes need to re-examine, re-think and possibly re-architect their security posture.”

Defense is Harder than Offense

Globally targeted attacks were up 91 percent and lasted an average of three times longer compared to 2012.  In India, cyber criminals are unrelenting in their focus on large enterprises with a staggering 69 percent targeted attacks carried out against them. Despite stepping up their information security measures, businesses in India continue to be an attractive target for cybercriminals.

Furthermore, within organizations, support functions with access to critical data emerged as the strongest target for attackers globally. Personal assistants and those working in public relations were the two most targeted professions – cybercriminals use them as a stepping stone toward higher-profile targets like celebrities or business executives.

Small Businesses are Pawns in a Larger Plot

Small and medium-sized businesses often have less adequate security practices and resources.  Attackers are increasingly targeting smaller businesses that have a relationship with a larger company.  Not surprisingly, in India, small businesses received the highest number of phishing and virus-bearing emails - almost three times as much as the larger targets. 

Newer Industries are Low-hanging Fruits for Cybercriminals

In India, nearly four in 10 attacks were carried out on non-traditional services industries like hospitality, business and personal services. This was followed by attacks on manufacturing, finance and insurance.

On the other hand, globally, the top data targeted during a breach had moved from just financial information to basic information like names, addresses, email addresses and government ID proofs etc. Interestingly, while non-traditional, service- centric organizations handle such information in large numbers, they may often lack adequate security practices and infrastructure making them easy targets for such attacks.  

India: A Key Threat Frontier

India emerged as a key threat frontier, ranking as the third highest source of overall malicious activity. While it continued to hold its position as the spam capital of the world with 9.8 percent of spam zombies; it was also the highest source of botnet spam, with 6.6 percent or close to 1.45 billion spams originating from its borders every day. India ranked especially high in the number of top botnets like Cutwail, Kelihos, GRUM and GHEG. Large botnets like Cutwail and Kelihos have made their presence felt in the threat landscape this year by sending out malicious attachments. According to the report, Cutwail which is the spam-sending botnet for the malware Pandex sends 8.06 billion spam messages every day, out of which the highest are sent from India (over 620 million).

How to Maintain Cyber Resiliency

While the increasing flow of data from smart devices, apps and other online services is tantalizing to cybercriminals, there are steps businesses and consumers can take to better protect themselves – whether it be from a mega data breach, targeted attack or common spam. Symantec recommends the following best practices:

For Businesses:

Know your data: Protection must focus on the information – not the device or data center. Understand where your sensitive data resides and where it is flowing to help identify the best policies and procedures to protect it.  

Educate employees: Provide guidance on information protection, including company policies and procedures for protecting sensitive data on personal and corporate devices.
Implement a strong security posture: Strengthen your security infrastructure with data loss prevention, network security, endpoint security, encryption, strong authentication and defensive measures, including reputation-based technologies.

For Consumers:

Be security savvy: Passwords are the keys to your kingdom. Use password management software to create strong, unique passwords for each site you visit and keep your devices – including smartphones – updated with the latest security software.

Be vigilant: Review bank and credit card statements for irregularities, be cautious when handling unsolicited or unexpected emails and be wary of online offers that seem too good to be true – they usually are.

Know who you work with: Familiarize yourself with policies from retailers and online services that may request your banking or personal information. As a best practice, visit the company’s official website directly (as opposed to clicking on an emailed link) if you must share sensitive information.

About the Internet Security Threat Report
The Internet Security Threat Report provides an overview and analysis of the year in global threat activity.  The report is based on data from Symantec’s Global Intelligence Network, which Symantec analysts use to identify, analyze, and provide commentary on emerging trends in attacks, malicious code activity, phishing, and spam.

Comments