Locked-down India sees multifold increase in cyber crimes

COVID-themed attacks on rise; institutions at forefront of virus battle at most risk

cyber-security Representational Image | Pixabay

The novel coronavirus has indicated no signs of going slow on its world tour, forcing nations to close borders and economies to lock down. Meanwhile, another seemingly invisible and overlooked menace is fast mushrooming into a global crisis. According to cybersecurity experts, hacking activities and cyber crimes are rising at an alarming rate as miscreants take advantage of the globe's new-found dependence on the virtual world. From WHO to Cognizant to MSMEs and individuals, nobody is safe as the cyber criminals are not sparing anyone. 

A recent study by cyber security firm Uniken has revealed that locked-down India has clearly witnessed a two to three times increase in cyber crimes over the past few weeks. An unprecedented byproduct of COVID-19 is that now, more than ever, a majority of people are turning to the internet to earn money or find new job opportunities. Hiding behind the safe foliage of the coronavirus are cybercriminals who are busy unravelling vulnerabilities and using these to their advantage. 

"With almost all the sectors in India practising work from home, this has put a humongous strain on the security teams who are responsible for safeguarding the backend data and files. This risk is all the more higher for organisations that deal with customer-sensitive data such as banks/NBFCs, healthcare companies, government agencies, etc. Such companies are at the forefront battling these threats," said Uniken CEO Bimal Gandhi. 

Even WHO is not being spared as research firm Memoori revealed that cyber attacks against the organisation have doubled in the past month during the crisis. The CISO at the WHO admitted that the organisation faced an increase in cyber threats since the pandemic began. 

The findings by CloudSEK, another cyber security firm, corroborates the increased risk of institutions or systems at the forefront of the fight against coronavirus. CloudSEK's analysis has revealed that "threat actors have changed their tactics and lures to capitalise on the COVID-19 outbreak."

Consequently, there has been a spike in the COVID-themed attacks since January. The number of COVID-related high risk domains, scams, and phishing lures detected every week, has spiked since January. While the COVID-related high risk domains have risen from zero to more than 1.2 million between January and April, the number of scams has touched more than 1.6 million during the same period. 

“The main targets (of these cyber fraudsters) are remote workforces and hospitals and COVID-19 testing facilities,” says Deepanjali Paulraj, the lead cyber intelligence editor at CloudSEK. Scams targeting Microsoft’s cloud tools have increased 72 per cent from January to March, while Skype counterfeiting has risen 31 per cent during February-March. 

The Computer Emergency Response Team of India (CERT-In) in its latest advisory highlighted that cyber criminals are, indeed, taking the lockdown as an opportunity to send phishing emails claiming to have important updates or encouraging donations, impersonating trustworthy organisations. 

The sudden shift to work from home conditions is a major culprit here. A proper and secure workflow might be already in place for a relatively larger company as opposed to an MSME which has to completely shift to an online platform. "Big organisations already have some cyber security preparedness. The MSME is one of the most affected sectors because they might have had to switch to internet platforms overnight without much preparation," says Nandakishore Harikumar, CEO of Technisanct, big data and cybersecurity startup. 

Another alarming trend is that in the post-COVID-19 world, an increasing number of individuals are getting attacked than ever. Harikumar’s team is frequently engaged in exposing a number of fake SIM card scams, a threat to both individual and national security, run via Telegram and the dark net. "These scams happen because there are enough consumers for these. People need to be informed and hence, there is a need to create more awareness," he says. 

Another similar scam run via Telegram is the Paytm doubling scam. Scamsters in specific Telegram groups lure Paytm Wallet customers to double their wallet amount by clicking on a few links. While many are getting duped and are not reporting such incidents due to fear and shame, there might be even individuals who have not even realised that they have been conned due to lack of online experience. Harikumar’s company has been constantly flagging these threats with the CERT and the home ministry. 

With work from home becoming a norm these days, cybersecurity threats of wider financial and personal consequences cannot be eliminated completely. However, the onus is on the company to keep its cyber security up-to-date. Encrypt and secure all devices and connections. If possible, companies should ask employees to use corporate-issued devices, since they are likely already secure. 

Changing passwords frequently, alerting employees of the probability of phishing emails, two-factor authentication and anti-virus or anti-malware software and secure VPNs are all ways that both companies and individuals should use to ward off potential threats. 

The government too, needs to beef up its night's watch. Home ministry, CERT and other government agencies should issue frequent advisories and expose cyber fraudsters on a regular basis.