The new Kaspersky Security Network (KSN) report reveals that Kaspersky products detected and blocked 52,820,874 local cyber threats in India between January and March 2020.
The data collected by KSN between January and March 2020 also shows that India now ranks 27th globally in the number of web threats detected by the company in Q1 2020, compared with 32nd position globally in Q4 2019.
Web threats are attacks detected via browsers, which are the primary method for spreading malicious programs. The following methods were used most often by cybercriminals to penetrate systems:
Exploiting vulnerabilities in browsers and their plugins (drive-by download): Infection in this type of attack takes place when the user visits an infected website, without any intervention from the user and without their knowledge. This method is used in the majority of attacks. Among them, file-less malware is the most dangerous: its malicious code uses registry or WMI subscriptions for persistence, leaving no single object on the disk for static analysis. To fight such stealthy threats, Kaspersky products apply the Behaviour Detection component, which uses ML-based models and behavior heuristics to detect malicious activity even if the code is unknown. Another key technology developed by Kaspersky is Exploit Prevention, which reveals and blocks in real time the malware's attempts to benefit from software vulnerabilities.
Social engineering: These attacks require user participation: the user has to download a malicious file to their computer. This happens when cybercriminals make the victim believe they are downloading a legitimate program. Protection against such attacks requires a security solution capable of detecting threats as they are being downloaded from the Internet. Since many threat actors nowadays obfuscate malicious code to bypass static analysis and emulation, true protection requires more advanced technologies such as proactive ML-based methods and behavior analysis.
The number of local threats in India in Q1 2020 (52,820,874) shows how frequently users are attacked by malware spread via removable USB drives, CDs and DVDs, and other "offline" methods. Protection against such attacks requires not only an antivirus solution capable of treating infected objects but also a firewall, anti-rootkit functionality, and control over removable devices. The number of local threats detected in Q4 2019 was 40,700,057.
India also ranks 11th worldwide in the number of attacks caused by servers hosted in India, which account for 2,299,682 incidents in Q1 2020, compared with 854,782 incidents detected in Q4 2019.
“As we all begin to adapt to a new working culture due to the nationwide lockdown, remote working will gain more popularity in the coming years as well. Having said that, the cybersecurity adaption for this work culture also becomes a major responsibility of small, medium, and large businesses. In order to mitigate some of the major risks like data breaches, targeted ransomware attacks, large scale DDoS attacks, targeted attacks by APT groups, etc., businesses will need to allocate their budgets correctly to build a stronger security infrastructure. They will need their cybersecurity solution providers to resolve their pain areas and guide them to the right solutions,” said Dipesh Kaura, General Manager for South Asia, Kaspersky.
Saurabh Sharma, Senior Security Researcher, Global Research and Analysis Team (GReAT), Asia Pacific at Kaspersky, said, “There has been a significant increase in the number of attacks in 2020 Q1 that may continue to rise further in Q2 as well, especially in the current scenario where we notice an increase in cybercriminal activities especially in the Asia Pacific region. We see smartphone users being targeted more due to mass consumption and increased digitalization. To protect devices and data, users must understand common threat vectors and prepare for the next generation of malicious activity. Risks like data leakage, connection to unsecured Wi-Fi networks, phishing attacks, spyware, apps with weak encryption (also known as broken cryptography) are some of the common mobile threats that Android users face.”