Cyber threats are set to grow and social networking sites like Facebook and Twitter will be targetted the most.
* India Inc lost $27.8 million in H1 2011 due to phishing attacks, says RSA, the security division of EMC.
* The US, which is usually the top spam-sending country, dropped out of the top 10 list and was replaced by India (12 per cent), reports Trend Micro.
* Symantec's Security Check reveals that Indian banks lost Rs 12.6 crore due to cyber attacks in the last financial year, nearly double the loss faced by the overall financial services industry.
* Websense predicts that users' social media identity may prove more valuable to cybercriminals than credit card details.
The common factor in the explosion of breaches, rise of advanced malware, and propagation of exploit kits is the Web. With 100 million Indians online, the market is already a hotbed for cyber criminals.
Delhi-based teacher Deepanshi Singh was looking for credit card offers from her bank when she got a legitimate looking mail from another Indian bank, where she didn't have an account. "The credit card offer was really good. It offered assured discounts and money back schemes at retailers I shopped. The mail contained a link that took me to a legitimate looking site with corporate logos," says Singh.
To compare other credit card offers, Singh also searched for other banks online. "That's when I came across the same bank's website on Google results page and this one did not show any of the offers mentioned in the email," Singh adds.
Singh was a typical victim of phishing - an email fraud - where the perpetrator sends out what looks like a genuine email in an attempt to gather personal and financial information from recipients. Typically, the messages appear to come from well- known and trustworthy web sites.
By spoofing websites of institutions such as banks, the attackers dupe users and obtain confidential information. "Phishers take advantage of the belief that user will be safe if they visit 'good' websites," reasons Shantanu Ghosh, VP and MD (India Product Operations), Symantec.
Between April and October 2011, about 0.4 per cent of all phishing sites were hosted on compromised Indian websites, claims Symantec. The most targeted was not the banking sector but education which included websites of Indian schools, colleges and other education institutes. "There were 13 institutes whose websites were compromised. These domain names were used to spoof 16 brands," points Ghosh. Domain names of colleges in Uttar Pradesh were found to be the highest in phishing in comparison to other states. This was about 43 per cent of the phishing attacks, followed by Tamil Nadu and Delhi, comprising 27 per cent and 15 per cent respectively.
Cyber threats are only set to grow, say experts. Avendus Capital estimates that as the time spent online will grow by 27 per cent per user in the next couple of years, so will the number of transacting users that will grow from 9 million to 39 million by 2015. A survey from Microsoft says that nearly one fourth of Indians (that is over 23 per cent) have suffered as victims of cyber-attacks. "If we look at the various kinds of cyber-attacks - personal data loss tops the chart with 67 per cent of people followed by 19 per cent users witnessing email account hacking," the survey notes.
|Coming Up in 2012 |
With all of the security breaches, exploits and hacks in 2011, what should you look out for in 2012?
|* Trend Micro predicts that with Bring-Your-Own-Device (BYOD) expanding in 2012, corporate data will be stored or accessed by devices that are not fully controlled by IT administrators. This will increase the likelihood of data loss caused by improperly secured personal devices will rise.|
|* Worms or malware that are able to propagate from one device to another, has by and large, remained absent from the Android OS, but FortiGuard Labs believes that will change in 2012. Unlike Cabir, the first Symbian worm discovered in 2004, Android malware developers most likely won't be using Bluetooth or computer sync to spread because of their limited ranges. The threat is from infected SMSes that include a link that contains the worm or through infected links on social networks like Facebook and Twitter.|
|* Websense Security Labs believe that scareware tactics and the use of rogue anti-virus which decreased in 2011 will stage a comeback. Except, instead of seeing "you have been infected" pages, three areas will emerge as growing scareware subcategories in 2012: a growth in fake registry clean-up, fake speed improvement software, and fake back-up software mimicking personal cloud backup systems.|
|* Cybercriminals will continue to take advantage of today's 24-hour news cycle, only now they will infect users where they are less suspicious: sites designed to look like legitimate news services, Twitter feeds, Facebook posts/emails, LinkedIn updates, YouTube video comments, and forum conversations, lists Websense.|
|* Perimeter defence mechanisms like anti-virus software, firewalls cannot prevent attacks like Spear Phishing Attacks or Advanced Persistent Threats (APTs). People are the new perimeter. RSA believes that behavior-based technology, real-time monitoring of activities, forensics will gain more prominence in the coming year given the threat landscape.|
The biggest threat to online users will come from social networks. Facebook, Google and Yahoo are the top three websites in India where users spend most of their time. "The most advanced criminals are going to ride the waves of personal devices and social media use of employees to create advanced, social engineering attacks to get in," predicts Dan Hubbard, chief technology officer, Websense.
In July 2011, Trend Micro researchers spotted a page that enticed users to click a link to get free invitations to Google's new social network Google+. All the users got however was an "opportunity" to take part in a survey that put them at risk. Karan Raizada, a management student in Mumbai fell for the free Google+ invite. He was directed to a 'free survey site' instead. "My security software detected that system was being directed to a malicious site and blocked it," he says.
Even LinkedIn users came under attack. Trend Micro identified the scam, which tricked users into clicking a malicious link to a supposed Justin Bieber video that redirected to a malicious site.
The good news, 2011 is almost over. The bad news, 2012 promises to be even more worrisome.