SUMMARY
Cyber security incidents rose to 208,456 in 2018 from 53,117 in the previous year
In 2019, the losses that occurred due to cyber-crimes in the country were estimated at INR 1.25 lakh Cr
The looming threat of cyber-security is now forcing e-commerce giants like Amazon, Flipkart and Snapdeal to rope in ethical hackers to trace loopholes in their existing systems
As the lines between digital and physical continue to blur especially amid the Covid-19 pandemic, contactless payments and digital transactions have become the new norm. A report published by IBEF said that the Indian ecommerce market is growing at a steady pace and is expected to be valued at $200 Bn by the year 2026. In the same report, it was stated that internet users in the country will increase to 829 Mn by the year 2021. If that sounds promising, there’s a bigger threat lurking around that requires immediate attention – cyber-security.
As connectivity improves and digital transactions take the front seat, several businesses in India are expected to lose their immunity which they enjoyed in a less connected economy. Cyber-security incidents rose to 208,456 in 2018 from 53,117 in the previous year which is a clear indication of the rising number of cyber incidents in the country. Amid the growing concerns, it is imperative that India takes a stronghold against cyber-security threats by strengthening cyber-security standards and implementing better security infrastructure.
An Increasing Influx Of Cyber Attacks
In 2019, the losses that occurred due to cyber-crimes in the country were estimated at INR 1.25 lakh Cr. The most affected were the BFSI sector, critical infrastructure and the ecommerce businesses which also included the retail sector.
A report by Frost & Sullivan and Microsoft in 2017 confirmed that 56% of retail organisations in the Asia Pacific region faced a cyber-security incident. Even ecommerce leaders like Amazon India had to face a security breach where almost 400,000 seller’s data were compromised. Zomato, the online food delivery and restaurant aggregator faced a similar incident where cybercriminals stole data records of 17 Mn users from its database.
There’s no doubt in the fact that cyber-attacks are becoming more advanced and entrepreneurial. These attacks are large scale, fast-moving and easily able to bypass the traditional, security frameworks of the organisations. Companies are trying to safeguard themselves against cyber-attacks with older technology which only offers protection against application attacks, payload delivery and viruses. However, they are exposed to bigger threats when it comes to protection in areas like virtualized data centres, networks, mobile devices and cloud devices which simply remains unaddressed.
Data Privacy At Risk With The Looming Threat Of Hackers
The increasingly connected world is no doubt making life convenient for people, but at the same time, there’s the risk of exposing personal data to hackers or cyber-criminals.
Cyber security is something that most of the online buyers in India are not accustomed to. That’s why they are the easy targets of hackers. Hackers use different ways to steal buyer’s data and use it for fraudulent activities. In this fast-paced, connected world, people are constantly sharing their personal information, be it on a website, shopping mall or restaurant.
Hackers procure these data through malware, malicious mobile apps or by breaking into a company’s database. The data is either sold on the dark web or used to woo customers with fake calls or fraud populist advertisements. These advertisements contain encrypted codes and once the customer clicks on them, the hackers get access to the customer’s network stealing valuable personal information like bank details, personal files, etc. In a recent case, usernames and passwords of 32 Mn Twitter users were being sold in the underground marketplace by a hacker.
The Way Forward
With the Indian ecommerce market expected to become the 2nd largest in the world by 2034 surpassing that of the US, there’s an even greater need to identify and fix broken security issues.
The key to security and prevention of significant damage is quick identification of the threat. Based on different identifiers like location, attack behaviour, global threat intelligence and IP address, retailers should focus on creating custom web security rules. This would provide them a better view of trusted users and traffic which in turn would enhance their web security.
Even though cyber-attacks are ever-evolving but there are certain known attackers and threats that can be recognized through recurrent attacks or interconnection with bad entities such a botnets. Application solutions put in place by organisations need to adapt to these rising threats and stop the attackers to ensure enhanced level of security.
The looming threat of cyber-security is now forcing ecommerce giants like Amazon, Flipkart and Snapdeal to rope in ethical hackers to trace loopholes in their existing systems. Though this not may be a viable option for small to medium-sized businesses but it surely is helping these big firms to fix the glitches in their system. Another strategy adopted by businesses these days is the deployment of deception techniques in their systems. The deception techniques also known by the name ‘honeypots’ re-routes hackers to fake servers whenever they try to attack their systems.
As technology continues to evolve, we can expect to see increasing sophistication in the game between defenders and attackers. Businesses are expected to invest more on cyber-security services and products that leverage automation and AI/ML. There is also the anticipation that cyber-security will be integrated deeply into tech products paving the way to transformation across organisations and industries.
Final Thoughts
To eliminate the risks, companies must shift their focus to strengthening cyber-security standards and put to use enhanced security infrastructure. Cyber-crime cost to companies is expected to go up to $6 Tn by the year 2021, a steep rise from $3 Tn in the year 2015. In an economy as large as India, the government must emphasize on creating stronger-cyber defence capabilities by connecting with top players from the enterprise domain. The public and the private sector must work in tandem to address the present loopholes with a robust cyber-security system.
Strong security leadership is indeed the need of the hour to effectively manage cyber-risk and prioritize the best defensive measures.
