Context:
According to a recent report, India is one of the geographies significantly impacted by phishing attacks.
More on the news:
This report is provided by Verizon Business, a New Jersey-based company that offers cybersecurity solutions and products.
Key Findings:
• Phishing Attacks: India is a major target for phishing attacks that can lead to financial losses and data breaches.
- However, reporting practices are improving in India, with 20% of users now identifying and reporting phishing attempts.
• Espionage Attacks: The Asia-Pacific region (APAC), including India, experiences a significantly higher rate of espionage cyberattacks compared to other regions.
- 25% of APAC cyberattacks are motivated by espionage, compared to 6% and 7% in Europe and North America, respectively.
• Vulnerability Exploitation: APAC witnessed a 180% growth in vulnerability exploitation, highlighting the need for robust security patching practices.
- Organisations in the region take an average of 55 days to patch half of their critical vulnerabilities.
• Human Error: Over two-thirds of cyber breaches involve human error. Phishing attacks exploit this vulnerability by tricking employees into compromising security.
• Data Breaches: System intrusion, social engineering, and basic web application attacks are the most common causes of breaches in APAC. These breaches primarily compromise credentials (69%), internal data (37%), and sensitive secrets (24%).
About phishing:
Phishing attacks are a type of cyber-attack where the perpetrator sends emails or other forms of communication that appear to be originating from authentic sources. However, their intent is to deceive the recipient into divulging personal or financial information.
- Phishing attackers impersonate legitimate entities, such as banks, credit card companies, social media platforms, or even trusted colleagues.
- They use various communication channels, including emails, text messages (smishing), phone calls (vishing), or even social media messages.
Tricking the Victim:
- The attacker creates a sense of urgency or urgency to pressure the victim into acting quickly without thinking critically.
- They may use tactics like scaring the victim with threats of account suspension or financial loss and offering tempting rewards that seem too good to be true.
India’s steps to counter phishing vulnerability:
- Cyber Surakshit Bharat: The Cyber Surakshit Bharat program aims to boost India’s cybersecurity through capacity building, awareness, and resilient IT setups.
- Indian Cybercrime Coordination Centre (I4C): The I4C tackles cybercrime with improved coordination among agencies.
- Budget Allocation: India’s cybersecurity budget has surged to ₹515 crores for 2022-23, tenfold higher than in 2014-15.
- The National Cyber Coordination Centre (NCCC) monitors and responds to cybersecurity threats.
- CERT-In (Indian Computer Emergency Response Team) issues alerts and advisories to inform about phishing attacks.
Conclusion:
while phishing attacks remain a persistent threat, India has made significant strides in strengthening its cybersecurity posture. By continuing to invest in technology, education, and collaboration, India can further enhance its resilience against cyber threats and safeguard its digital assets and critical information