With the rise of cybersecurity threats in India, experts believe that enterprises and startups with unprotected servers are the biggest contributors to data breaches in the country.
The cybersecurity wing of India, Computer Emergency Responses Team-India (CERT-In), in an ET report, said that it had reported over 3.13 Lakh cybersecurity incidents in 2019.
Last year, India witnessed massive security breaches across various segments, including large corporations, small and medium enterprises, government institutions and startups. Few of the companies that reported cybersecurity incidents were Oyo, Bounce, Just Dial, Airtel, Nykaa Fashion, Uber, Whatsapp, OnePlus, Govt’s Online Health Registration System and others.
This also comes at a time when US-based cyber tech company CrowdStrike, in November 2019, had also revealed that Indian companies take more time to respond to data breaches as compared to other countries. The study further stated that Indian companies showed a lack of preparedness in dealing with online attacks. The average response time to cyber threats was nine days (222 hours), while global companies on average take seven days (162 hours).
The data breach attacks come with a cost to the businesses. According to the Michigan-based Ponemon Institute and IBM Security ‘Cost of a Data Breach’ report, in the past six years, the average cost of a data breach has been growing at 12%. In total, it cost about $3.92 Mn per breach in 2019, globally.
Other Cyber Security Threats Lurking In India
In November 2019, the tech giant Google had also revealed that it had sent warnings to more than 12K users in 149 countries, who were targetted by government-backed attackers. Google had also said that over 90% of these users were targetted using “credential phishing emails,” where the hackers tried to obtain user’s passwords, account details and others.
Google didn’t reveal the exact number of Indian users impacted by government-backed attackers, but the heat map showed that India had at least 500 users who fell victim to such threats.
Last month, the IT minister Ravi Shankar Prasad responding to a question titled “Extent of WhatsApp Privacy Breach,” had said that out of 121 users whose devices were attempted to hack using Pegasus spyware, only 20 Indian users were breached.