The number of cyberattacks on Indian companies has doubled in the past few days, as cybercriminals use the disruption brought about by the Covid-19 outbreak to infiltrate corporate networks and steal data, according to a study by PricewaterhouseCoopers’ cybersecurity team.
Due to increased hacker activity, phishing attempts have gone up by three times, and the work from home infrastructure is also under attack.
“No time seems more opportune to launch cyber attacks than when the world is busy battling the Covid-19 threat,” PwC India partner and cybersecurity leader Sivaraman Krishnan said. The team that undertook the study found out that there were two primary sustained waves in February 2019 after which the attack volumes fell back to a median level.
But as India started seeing a rise in the Covid-19 cases after March 15, the first massive wave of attacks against Indian companies was launched. “The attack waves this time were longer and sustained from March 15 to March 19 before the volumes dropped.
This was quickly repeated with a next set of attacks. Typically, when we see a spike in attacks or a mass campaign in India, it quickly rises up and falls with the time duration being 24 hours on an average. Sustained campaign is known to occur at periodic intervals of say one week to a few days,” said Krishnan.
PwC conducted a study of the threat landscape to understand the attacks and attack patterns which were affecting companies during the lockdown. It covered more than 50 leading companies across manufacturing, financial services, ecommerce, IT&ITeS and other industries.
According to the study, ‘work from anywhere’ infrastructure is being heavily targeted along with attempts of identity theft and malicious payload delivery. As companies scrambled to set up VPN infrastructure and enable their employees to work from anywhere during the crisis, the hackers targeted companies with widespread phishing campaigns.
The study said there was a global spike in the number of phishing emails from February 2020 indicating a serious and targeted attempt to exploit the human anxiety related to the Covid-19 disease to obtain credentials or deliver trojans. In early March, a new ransomware dubbed ‘Covidlock’ was spread disguised as acoronavirus tracking app.
The PwC analysts observed numerous attempts of delivering malicious payloads including those related to the Covid-19 theme.
The major threat vector observed in India was AZORult — a malware designed to steal information including credentials.
This malware has been in existence over three years but was recently linked with malicious files and apps belonging to the Covid-19 theme.
Leave a Reply