According to data from IBM, India is the second most attacked country in the Asia-Pacific region, accounting for 7% of all attacks observed in Asia in 2020. The company has released its annual X-Force Threat Report, which details most types of cyber attacks that were carried out last year and the industries most affected. Sudeep Das, head of security software technical sales in IBM’s technical sales department in India and South Asia, told Advertisement Shout how the company should use technologies such as confidential computing to enhance its cloud-based data security.
Ransomware dominates cyber threats in 2020
Das said that ransomware is the most popular type of attack in India, accounting for 40% of the entire threat domain. Ransomware is a strategy used by hackers to extort money from victims by encrypting, stealing and then threatening to leak data (if the ransom is not paid). The report shows that the most active ransomware group reported in 2020 is Sodinokibi (also known as REvil), which accounts for 22% of all ransomware incidents observed by X-Force worldwide. It is estimated that Sodinokibi stole approximately 21.6 terabytes of data from its victims, nearly two-thirds of Sodinokibi victims paid the ransom, and approximately 43% of the data was leaked – X-Force estimates that the organization’s revenue exceeds 1.23 One hundred million U.S. dollars. the past year.
The financial sector most affected in India
Das said that in India, finance and insurance are the most attacked industries, accounting for 60% of all attacks, followed by manufacturing and professional services. “In addition, last year, digital currency mining and server access attacks hit Indian companies. We also witnessed cybercriminals using relief work and public health information as a bait for spam, including targeted targeting of key components of the vaccine supply chain. Sexual assault.”
Cloud-based attacks are on the rise
By 2020, most of the attacks IBM has observed against Indian companies occurred between May and July. This is the period when the epidemic reached its peak in the country, and companies are scrambling to get online. The report focuses on the reasons why many companies are trying to accelerate their cloud computing adoption rate after the devastation caused by COVID-19, and how cloud-based attacks are on the rise. Das said: “Companies should adopt a zero-trust approach to strengthen their cloud environment security strategy, and use AI to monitor, detect and contextualize dynamic behavior and dynamics in the hybrid cloud environment to verify the legitimacy of the threat (or Lack of threat) and respond automatically.”
Confidential calculation required
Das also emphasized the use of confidential computing. “It encrypts data during processing, and before that, data must be decrypted before processing, which may lead to vulnerabilities. In other words, even if the cloud environment is threatened, malicious actors using technologies such as confidential computing It will also make the data useless/inaccessible.”
Das said that with the help of confidential computing, organizations can help reduce the risk of exploitability for malicious actors, even if they have access to their sensitive environment. He added that companies must also allow employees to selectively access information and data, and outline a clear definition around who can access which data in the organization.
The IBM report emphasizes that the cloud environment may become the main attack vector for threat actors in the future. However, there is no escape from it. The company has no choice but to build a stronger defense. “Actually, there is no choice-companies must be online, so they will be exposed to cloud-based attacks-they will have to defend against such attacks. The main action is to determine the control measures we need to take-to ensure safety and health around identity and data security, It is necessary to target cloud-based attacks, but also through misconfigurations, dissatisfied employees, etc.,” he said.
The most deceived brand during the pandemic
Globally, cybercriminals choose to disguise themselves as consumers’ trusted brands in order to steal users’ financial information, obtain user credentials, or infect victims’ devices with malware. According to the report, brands that provide collaboration tools (such as Google, Dropbox, and Microsoft) or online shopping brands (such as Amazon and PayPal) are listed as the top ten deceptive brands in 2020.
YouTube and Facebook also top the list. Surprisingly, Adidas made its debut as the seventh most frequently imitated brand in 2020, which may be driven by the demand for Yeezy and Superstar sneaker series.