The profile and motivation of cyber attackers the world over has changed. The motivation to commit a cybercrime now goes beyond financial, to political, economic and sociocultural aspects. Cybercriminals aim to disrupt and cause chaos not only in businesses but also in the nation at large, according to a study on cyber security, jointly conducted by ASSOCHAM and PwC.
With the growing penetration of internet and smartphone, India has emerged as one of the most favorite countries among cyber criminals. The past attacks have been mostly initiated from the countries such as the US, Turkey, China, Brazil, Pakistan, Algeria, Turkey, Europe, and the UAE.
According to the study, there has been a surge of approximately 350 per cent in cybercrime cases registered under the Information Technology (IT) Act, 2000 between 2011 and 2014 in India. Around the same period, about 50 per cent rise in cyber crime incidents was reported in the USA.
Titled ‘Protecting interconnected systems in the cyber era’, the study notes that the Indian Computer Emergency Response Team (CERT-In) had also reported a surge in the number of incidents handled by it, with close to 50,000 security incidents in 2015.
Operational systems apparently are most vulnerable to cyber attacks, as many are built around legacy technologies with weaker protocols that are inherently more vulnerable.
Cyberattacks are also occurring at a greater frequency and intensity. The attackers aim at disrupting the routine way of life, and try to gain control of vital systems such as nuclear plants, railways, transportation or hospitals that can subsequently lead to dire consequences such as power failures, water pollution or floods, disruption of transportation systems and loss of life, notes the study.
Politically motivated or state-sponsored cyberattacks are carried out by members of extremist groups who gather information and commit sabotage. Cyber-terrorism is the psychological and physical damage on their targets, in order to achieve their political gain or create fear within opponents or the public. They use cyberspace as a medium to spread propaganda, attack systems and steal money in order to fund their activities.
Continuous research and development can help in capacity building and coming up with effective solutions, while a cross-sector knowledge database inclusive of all the past incidents and threats needs to be maintained and analysed to strengthen protection measures.
“Relevant, properly configured technology, and investment in the right technology is another key characteristic of resilient OT and CT networks. Using the right detection, prevention, monitoring and reporting tools will help organisations to prevent attacks and facilitate informed decision-making in relation to possible cyber security threats.”
A strong collaboration between well-equipped IT, OT and CT teams is also necessary for a unified approach to risk management and incident response. Monitoring OT and CT must be brought under the ambit of security monitoring, as in the case for IT networks.
The study mooted the building of a forward-looking cyber security programme that is based on the right balance of technologies, processes and people skills—all supplemented with an ample measure of innovation. With these components in place, organisations are likely to be better prepared for the future of cyber security.