Hackers trick people into copying popular brands, earning millions by threatening to leak data
India was the second country in Asia to suffer the most cyber attacks after Japan. India accounts for 7% of the total attacks in Asia last year. Tech company IBM gave this information in its annual X-Force Threat Report. Sudeep Das, Security Software Technical Sales Leader, IBM Technology Sales, India & South Asia, described how companies should harden their cloud-based data security with technologies such as Confidential Computing.
Ransomware dominated in 2020 cyber attacks
Das says that ransomware was the most used for cyber attacks in India. It accounted for 40% of the total attacks. Ransomware is used by hackers to seek a ransom. For this, the user’s data is threatened until stolen, encrypted or even leaked.
The most active ransomware group of last year was Sodinokibi. According to the report, it was involved in 22% of ransomware incidents worldwide. According to one estimate, Sodinokibi had stolen about 21.6TB of data from its victims. About two-thirds of the Sodinokibi victims also paid the ransom and about 43% of the data was leaked. X-Force estimates the group earned more than Rs 890 crore from the ransom last year.
Finance sector was most affected in India
Das said that 60% of the attacks in India were on the finance and insurance sector, followed by the manufacturing and professional services sector. Last year, Indian companies suffered the most attacks related to digital currency mining and server access. It was also seen that using sensitive information such as public health information, the cyber criminals also tried to trap people by luring them with vaccination.
Cloud-based attacks increase
The report said that the most attacks on Indian companies occurred between May and July. This was also the time when the epidemic was reaching its peak and businesses were moving rapidly towards online. Many businesses were increasingly adopting the cloud due to the lockdown and at the same time, cloud-based attacks saw a boom.
Das explained that “companies should tighten their cloud environments to stay safe and monitor any sensitive activity using AI technology.”
Need to emphasize Confidential Computing
Das said that now there is a need to emphasize on the use of Confidential Computing. It encrypts the data during processing. Whereas before, the data had to be decrypted just before being processed, making it potentially vulnerable. Understand in simple terms, even if hackers break into the cloud environment, they will not be able to access the data due to Confidential Computing. This technology can reduce the risk of companies being hacked. He said that companies would also have to ensure which data would be accessed by which employees.
The report states that it may become an easy option for hackers to breach cloud environments in the future. However, there is no escaping it. Companies have no choice but to build a hedge. In practice, companies will have to be online with time and in such cases, they will face cloud-based attacks. They will have to try to avoid such attacks. Initially, we have to identify those things, which need a lot to overcome.
These brands were created fake brands during the epidemic
Globally, cybercriminals opted to disguise themselves as brands that consumers trust to steal users’ financial and confidential information or infect their devices with malware. The report said that tools such as Google, Dropbox and Microsoft or online shopping brands like Amazon and PayPal were among the top-10 brands last year, which were hacked by hackers by creating fake brands. YouTube and Facebook also topped this list. Surprisingly, Adidas was the seventh such brand to be copied the most in 2020.