Security solutions provider, Seqrite has highlighted the growing cyber threat to Indian enterprise ecosystem with the Seqrite Annual Threat Report 2020. The report is based on insights analysed by Quick Heal Security Labs, a leading source of threat research, threat intelligence and cybersecurity, and is based on the telemetry threat data sourced from enterprise endpoints and networks during 2019.
The most prominent trend highlight by the latest Seqrite threat report was the drastic increase in the volume, intensity, and sophistication of cyber-attack campaigns targeting Indian enterprises. Over the last 12 months, Seqrite detected and blocked more than 146 million enterprise threats – marking a year-on-year growth of 48% compared to 2018. Interestingly, almost a quarter (23%) of the threats were identified through Signatureless behaviour-based detection by Seqrite, indicating how a growing number of cybercriminals were deploying new or previously unknown threat vectors to compromise enterprise security.
The sharp spike should be a cause for concern for CIOs and CISOs in the country, especially given the growing digital penetration within their enterprise networks. With network vulnerabilities and potential entry points increasing at a rapid pace, threat actors are expected to leverage AI capabilities to power their malware campaigns in the future to capitalise on newer attack vectors.
Speaking on the threat report, Sanjay Katkar, Joint Managing Director and CTO – Quick Heal Technologies, said, “Indian enterprises and government departments are facing an unprecedented risk within the cyberspace today. Their digital transformation is leaving them vulnerable to sophisticated threats and attack campaigns conducted by organised cybercrime cells and hostile nation-states with a view of disrupting the larger socioeconomic activity and stealing critical, important, and sensitive information. With the latest Seqrite Annual Threat Report, we want to empower CIOs, CISOs, business leaders and all key public stakeholders with the insights they need to combat the growing complexity of the threat landscape. India’s digital journey depends on ensuring robust cybersecurity for all stakeholders within the enterprise ecosystem. At Seqrite, we remain committed to providing the most cutting-edge enterprise security solutions to defend against the scale and sophistication of cyber threats, at present and in future.”
Manufacturing, BFSI, Education, IT/ITES, Healthcare, and Government emerge as the most lucrative sectors for cybercriminals
The growing penetration of new-age digital technologies and services in enterprise networks has driven widespread transformations across all industries. Organisations across sectors have benefitted from this digital adoption and the unparalleled optimisation that it delivers.
However, this digital transformation is also giving rise to multiple cybersecurity concerns across the entire enterprise ecosystem. For instance, the rapid integration of IoT devices, BYOD, and third-party APIs into enterprise networks has created newer security vulnerabilities that might go unnoticed until a major breach occurs.
In 2019, cybercriminals were found trying to capitalise on this trend by targeting enterprise networks across multiple industries. Sectors such as manufacturing, BFSI, education, IT/ITES, healthcare, and government were identified as the most at-risk, as the massive volumes of high-value data that they process have made them lucrative targets for threat actors.
Threat researchers at Seqrite also observed several large-scale advanced persistent threats (APT) attacks deployed against organisations in the government sector, including prominent attack campaigns such as Operation m_project and BackDoor.DTrack. This trend highlighted how cybercriminals were now turning to newer, more nuanced attack methodologies to steal sensitive data of national importance. The entry of nation-states and organised cybercrime cells into the fray is expected to add more complication to this situation and will require Indian government bodies and corporate enterprises to shore up their cyberdefence strategies in 2020 and beyond.
Amongst other interesting trends highlighted in the Seqrite Annual Threat Report 2020 was the growing sophistication of malware attacks. Open-source tools, for instance, were used to drive the success of Emotet and Phobos ransomware campaigns, while BlueKeep-based RDP attacks have also grown due to the availability of freely-available exploit kits on popular exploitation frameworks.
More alarming, however, was the continued lack of security awareness amongst enterprises and government organisations. Unsecured Remote Desktop Protocol (RDP) and Server Message Block (SMB) protocols continued to be targeted through brute-force attacks. Spear phishing attack campaigns leveraging Office exploits and infected macros were also used extensively by cybercriminals to gain access to enterprise networks and steal critical data.
If you have an interesting article / experience / case study to share, please get in touch with us at [email protected]