Posted on January 3, 2019 by PINC Insurance

While Digital India is growing fast it faces an increasing threat from cybercrimes. Cybercrime costs borne by businesses globally went up from USD 445 billion (0.7% of global GDP) in 2014 to USD 600 billion (0.8% of global GDP) in 2017. India is particularly at risk since it is digitising rapidly, while its end users do not have the resources or knowledge to protect themselves. India is among the top 20 countries affected by cybercrimes accounting for around 3% of the world’s systems affected, but ranks 3rd in the absolute number of systems affected. Only the USA and China face a bigger threat from cyber security risks. India faced 44679, 49455, 50362 and 53081 cyber security incidents during the years 2014, 2015, 2016 and 2017, respectively. However only 9622, 11592, and 12317 cases related to Cybercrimes were registered in a similar period of 2014, 2015, and 2016. The Union Home Secretary has outlined some of the major areas that will need protection, “Cyber criminals can steal personal information, data from private or government organisations disrupt services, cripple the financial system, [and] trigger national security [incidents]. Cyber-attacks can take multiple forms like terror attacks, identity theft, circulation of offensive content, online sexual abuse, online scams, [and] online hate crimes.”

Among these cybercrimes are several high profile ones as well. In July 2016 Union bank of India was robbed of USD 171 million. Much of it was luckily recovered. Financial gain has been the most common motive for cybercrimes in India while corporate espionage and control of public/government infrastructure are also leading areas of cybercrime activity. Banks and payment systems have seen the largest number of incidents with major banks also being affected.

WannaCry & Petya were ransomware that affected several of India’s growing salaried middle class. Ransomware has seen an exponential surge globally thanks to the advent of crypto currency. India along with China has seen several ransomware incidents due to the fact that several systems in use are out-dated and do not have sufficient protection measures in place.

Another cause for concern as highlighted by the government has been the manner in which cyber criminals use online medium to radicalise youth in the country. Small villages in places like Jharkhand are where a lot of Indian origin cybercrimes originate. The unemployment in the region coupled with the inclination of youth in the area to take to crime has made it the underbelly of India’s online ecosystem. Most of the crimes here are financially motivated and are increasingly becoming organised. Such criminals usually go after unsuspecting credit or debit card holders and use social engineering/phishing techniques to make a quick buck.

When it comes to government & corporate targets, the hackers have been much more organised, sophisticated and funded. This elucidates the need for several layers of security including a mix of legal framework with technological measures. It is estimated that Indian businesses lost over USD 500,000 in the last year from direct costs and lost opportunities due to cybercrimes. Companies like HBO were even held to ransom over stolen intellectual property. Unfortunately many company leaders are largely unaware of the threats they are exposed to online.

With the advent of Reliance Jio, and subsequent lowering of data-access costs, India’s online user base has grown by 10 crores in just a matter of months, and is expected to surpass 85 crore users by 2025. This along with an increased number of affordable smart phones is making cybercrimes easier to commit. ”

Key to reducing the costs of cybercrimes will be greater standardisation of threats & basic security protocols, and coordination between multiple agencies & stakeholders to identify and resolve incidents. An important part of the cooperation is having standardised laws and agreements between different countries to tackle incidents since an attack can happen from the other side of the world.

A large investment is needed to improve the cyber security infrastructure. Greater cooperation between research institutes and private companies will also help curb the cybercrime threat from a technological standpoint. Artificial intelligence 7 machine learning will also play a major role in thwarting cybercrimes.

India will also need to tackle its problem of having low awareness of cyber threats as even if India manages to put in the resources to improve the much needed cyber security infrastructure, human error can always be the downfall of security systems. A lot of manpower training is required in this regard.

And so, while a large number of unknown cyber threats exist, the path to defeating them is clear.