Responding to cybercrime incidents in India

  • Share

Over the last few years, there has been an exponential rise in targeted cyber-attacks which are aimed at financial gain. Incidents around ransomware, data breach incidents and DDoS (Distributed Denial of Service) attacks also made headlines worldwide. Today, a company’s ability to deal with such situations effectively is a priority but at the same time, it can be difficult due to the nature, complexity and volume of cyber incidents. What could separate the better prepared company from the rest is their ability to predict the impact of an incident, after it is discovered. In line with this, our report, Responding to cybercrime incidents in India attempts to answer the question, are businesses operating in India ready to deal with cybercrime incidents?

Key findings

of the respondents who could detect these incidents were confident of doing so within 48 hours

of the respondents believe their IT security teams do not have enough specialists to deal with cybercrime incidents

of the respondents stated a need to enhance cyber laws in India

of the respondents will continue spending the same on incident response strategies

of the respondents will spend more on investigation and forensic capabilities

unanimously identified social media as a big risk from a cybercrime perspective

Our report further highlights,

  • Insider threat is on the rise:
    One fifth of the survey respondents stated that employees are one of the weakest link in the company’s defense mechanisms against data theft, system tampering or DDoS. However, more focus is still toward mitigating attacks from unknown hackers. Therefore, companies should focus their efforts to manage both insider risks as well as external threats.
  • Companies are unable to detect incidents effectively due to low understanding of the motive behind the attack:
    A little more than one third of the survey respondents have been able to detect these incidents effectively. This states that majority of Indian businesses have been unable to effectively detect a cyber incident that could result in serious repercussions for their internal and external stakeholders.
  • Companies need to invest more in investigative capabilities:
    Investments around detection and investigation of cybercrime incidents were at the bottom of investment priorities. The role of investigators would be crucial in helping companies strengthen their defenses against advanced cybercrime risks. Companies also would have to look at more advanced techniques to combat cybercrime and invest more in diagnostics programs, cyber threat intelligence and incident response.

Emerging areas of risk include,

EY - RansomwareRansomware: Globally, there has been a spurt in cases where ransomware has been targeted at the C-suite. As the “ransom” typically accepted in Bitcoins or other cryptocurrency, it is nearly impossible to trace it to the beneficiary.
EY - The Internet of Things The Internet of Things (IoT): IoT means that all physical objects will possess an internet protocol (IP) address, and get transformed into mini computers. Such devices can also be hacked for sensitive data or disruption. Increasing technology innovations can make this a key area of concern in the future.
EY - Social Media PlatformsSocial Media Platforms: When it comes to cybersecurity, employees with low awareness of the potential hazards of extensive social media usage could be the “weak links” in an organizational set up. Phishing emails or spoofing are some emerging techniques through which hackers can compromise the systems of unsuspecting employees.
 EY - Mobile   Mobile: Hackers are trying increasingly trying to exploit the vulnerabilities of mobile applications, using phishing websites and social media tricks to harvest credentials of unaware users.
EY - CryptocurrencyCryptocurrency: The challenges in using cryptocurrencies such as Bitcoins is that these systems are capable of facilitating tax evasion or illegal activities because of the anonymity factor which is built into the system. As a result, Bitcoin is a preferred mode by hackers for ransomware.
EY - Digital payments Digital Payments: Cyber attackers could look to finding new ways to exploit the situation by targeting individuals and digital payment service providers. This may be done by exploiting technical and process loopholes as well as lack of user awareness around the do’s and don’ts.