Big Indian conglomerates, mid-scale companies based in tier 2 or tier 3 cities and the country’s biggest banks; everybody is being targeted by the hackers and with each passing day, the breach attempts are getting more sophisticated.
In May 2015, two Indian conglomerates were forced to pay $5 million each in order to prevent hackers from disclosing information that could have implicated them in a wrongdoing.
In 2014 Gujarat-based Rs, 1,500 cr BSE listed, Deepak Nitrite was surprised when one of its regular customers based in the US, didn’t pay even after receiving a consignment. When the company asked the customer about the payment, they were told that the payment was made to a new account in Malaysia. The client had received an email from Deepak Nitrate’s official id just earlier informing it of a change in bank account details. Deepak Nitrite had neither changed the bank account nor communicated any such thing to its customer. The Gujarat based company has filed a complaint with cyber cell of Vadodara police but nothing has come of it yet.
In July this year, state run Union Bank of India was breached by cyber hackers but thankfully the money trail was traced in times and movement of funds was blocked which prevented it from becoming the biggest hacking incident, bigger than the Bangladesh central bank breach.
In January this year, hackers seized control of computers at three Indian banks and a pharmaceutical company by gaining control into the IT system and locking each and every computer. The hackers had demanded that the company pay one-bit coin per computer to unfreeze the computers. A private investigator roped in the case found that the hackers had used the Lechiffre ransomware which was downloaded in the company’s IT system when a junior employee opened an email disguised from senior management.
In-house analysis conducted by the biggest cyber security firms say that Indian companies lose anywhere around $ 4 billion every year due to cyber-attacks.
Experts say that lack of secrecy maintained by Indian companies become a boon for hackers.
The secrecy of banks on hacking attempts may not remain much under wraps because of the instructions by Reserve Bank of India which makes it mandatory for banks to disclose the breaches.
The vulnerability of the banks came to light recently when data of about 3.2 million debit cards was lost in what is claimed to the India’s biggest breaches. SBI, HDFC Bank, ICICI, YES Bank and Axis were worst hit by the breach of the debit cards.
Many banks have now beefed up their security systems and have created a parallel and a decoy IT system so that the hackers attack those instead of actual IT systems.
However, the Indian companies are continuing to ignore the threats, the threats which are even attacking IT companies. But to be on safe side, it is important for IT companies to rope in ethical hackers who have the same skills and intelligence as black-hat hackers but with good intentions.
Many companies including ecommerce and mobile app-based service providers are increasingly roping in ethical hackers to look for loopholes in their system by continuously trying to hack into them from outside and report back to the company. In some cases, these ethical hackers also help companies fix the glitch which is why new age companies are better prepared for cyber attacks than their traditional counterparts.
While bounty hunting by security experts may be one of the flashiest of the techniques but that’s not the only trick experts have up their sleeves. During a conversation, cyber security head of PwC said that some of its tech experts do monitor even the dark web, disguised as hackers.
This is mainly to keep an eye on what’s happening behind the closed door, and if they can stay a step ahead of the hackers. All businesses need a step ahead innovation and thinking to be safe and beat hackers.