Data Loss Prevention

Augmented by broadband penetration smaller and emerging cities of India are exploring opportunities offered by the virtual world. This group of connected people and businesses has reached critical mass and is lucrative enough to be targeted by cyber criminals.

Indian Cities such as Bhubaneshwar, Surat, Cochin, Jaipur, Vishakhapatnam and Indore are increasingly facing the risk of cyber attacks, with one in four bot- infections in India reported in such cities, reveals India findings of Symantec Internet Security Threat Report, Volume (ISTR) 17. Also, some cities that repeatedly appear in the list for origin of phishing in India - Ahmedabad,  Nashik and Coimbatore also figure in the list of bot-infections.  Botnets are networks of zombie machines that are used to perform sophisticated attacks  and conduct coordinated attacks. The presence of bot-infected computers in these locations indicates that they are being inducted as part of a network of compromised computers. Users unwittingly becoming accomplices to organized cyber mafia who infect unprotected computers with Trojans that perform actions such as sending phishing/spam emails, distributed-denial-of-service attacks without the user’s knowledge. 

Yet, one would wonder about the larger objective of cyber criminals targeting smaller cities in the country. According to Zinnov Consulting, India is home to 50 million small and medium sized businesses (SMBs) and small and emerging cities of India have a high proportion of SMBs and industry clusters.  ISTR 17 reveals that targeted attacks are spreading beyond the more commonly assumed target of large organizations. More than 50 percent of such attacks target organizations with fewer than 2,500 employees, and almost 18 percent target companies with fewer than 250 employees.  Smaller organizations may be targeted because they are in the supply chain or partner ecosystem of a larger company. It is much easier for cyber criminals to compromise less defended smaller companies to get a foot in the door of a large organization.

It is this lack of awareness and inadequate security measures that makes people and businesses susceptible to cyber attacks.  Overall businesses need to be know about the various threats on the internet and accordingly develop their security strategy. Some security best practices include:

• Restrict the use of portable file storage devices, such as external USB drives, that can unintentionally introduce malware into your systems.
• Be sure you are monitoring your network, to identify potential attacks before you are compromised.
• Employ multiple forms of protection, from endpoints to each level of your network, including firewalls, intrusion detection and gateway antivirus solutions.
• Implement intelligent security policies that require confidential information to be encrypted.
• Finally, be sure your security solutions and patches are kept up to date, to deal with emerging threats.

For more information, see the full Internet Security Threat Report.