Personal information data breach looms large in India: Verizon report

Lack of strong data protection and privacy legislation makes India highly vulnerable to data breaches related to personal information, according to digital network solution firm Verizon.

Published: 11th April 2018 03:28 AM  |   Last Updated: 11th April 2018 03:28 AM   |  A+A-

internet, net neutrality, open web, world wide, cable, hardware, hacking

Image used for representational purpose

By PTI

NEW DELHI: Lack of strong data protection and privacy legislation makes India highly vulnerable to data breaches related to personal information, according to digital network solution firm Verizon.

"Specifically with respect to India, the threat of PII (personally identifiable information also called sensitive personal information) data breaches looms large due to lack of a strong data protection and privacy legislation," Verizon Enterprise Solutions, Managing Principal for APJ, Ashish Thapar said.

The company today released data breach investigations report (DBIR) which found that social engineering targeting personal information in education segment is high, which is then used for identity fraud.

"Highly sensitive research is also at risk, with 20 percent of attacks motivated by espionage. Eleven percent of attacks also have 'fun' as the motive rather than financial gain," the report said.

Thapar said that with hyper increase of e-commerce, and e-governance transactions and the rate at which broadband and 4G penetration is increasing in India, other threats such as phishing, pretexting, ransomware, cryptojacking, botnet infections and DDoS have become all the more worrisome in today's scenario.

The DBIR said ransomware, a malware which locks computers and frees it after getting money, attacks double since 2017 and now target business critical systems.

"Ransomware attacks are a key cybersecurity threat for global organisations. It is the most common type of malware, found in 39 percent of malware-related data breaches double that of last year's DBIR, and accounts for over 700 incidents - India is no exception to this trend according to our investigation caseloads," Thapar said.

According to the report, human factor continues to be the weak link in cybersecurity breaches with employees of companies still falling victim to social attacks.

"Financial pretexting and phishing represent 98 per cent of social incidents and 93 percent of all breaches investigated with email continuing to be the main entry point (96 per cent of cases).

Companies are nearly three times more likely to get breached by social attacks than via actual vulnerabilities, emphasizing the need for ongoing employee cybersecurity education," the report said.

It further said that while on average 78 percent of people did not fail a phishing (misleading e-mails, website links etc) test last year, 4 percent of people do for any given phishing campaign.

"A cybercriminal only needs one victim to get access into an organization," the report said.

It said that one security breach can have multiple attackers and the study by the company found that 72 per cent of attacks were perpetrated by outsiders, 27 per cent involved internal actors, 2 per cent involved partners and 2 per cent feature, multiple partners.

"Organised crime groups still account for 50 percent of the attacks analysed," the report said.

Stay up to date on all the latest Business news with The New Indian Express App. Download now

Comments

Disclaimer : We respect your thoughts and views! But we need to be judicious while moderating your comments. All the comments will be moderated by the newindianexpress.com editorial. Abstain from posting comments that are obscene, defamatory or inflammatory, and do not indulge in personal attacks. Try to avoid outside hyperlinks inside the comment. Help us delete comments that do not follow these guidelines.

The views expressed in comments published on newindianexpress.com are those of the comment writers alone. They do not represent the views or opinions of newindianexpress.com or its staff, nor do they represent the views or opinions of The New Indian Express Group, or any entity of, or affiliated with, The New Indian Express Group. newindianexpress.com reserves the right to take any or all comments down at any time.