Cybersecurity Awareness: Cyber attackers’ increasing inclination towards targeting government organizations; What can be done?

India has faced increased cyber-attacks since the nationwide lockdown was imposed by the end of March. As the pandemic forced a large number of enterprises to suddenly switch to the remote working set up to contain the spread of COVID-19, most companies started experiencing the security vulnerabilities attached to it. In a recent market report titled “Brave the new normal: How companies in Asia-Pacific are overcoming cybersecurity challenges in a remote workplace”, it was identified that employees from 67% of Indian organisations experienced an increase in email phishing attacks since they shifted to 100% remote working.

The widespread rollout of a remote workforce challenged even the most prepared organisations because a majority of the cybercriminals sensed an opportunity of launching a spate of attacks manipulating people’s fear and uncertainty amid the pandemic. Since March, more than 35 advisories and 200 vulnerability notes have been issued by from the government as well from the Indian - Computer Emergency Response Team (CERT-In) raised a warning of potential cyberattacks on the country’s government agencies, media houses and large companies from malicious actors.

The team has been providing threat intelligence reports to Chief Information Security Officers (CISO) that can enable them to take appropriate measures for securing their digital infrastructure. With government organisations, the national IT infrastructure and the banking sector becoming more vital than ever to the nation in the current pandemic situation, all the fingers of being the prime targets for attack are increasingly getting pointed towards them.

However, the COVID 19 outbreak hasn’t been the only reason behind the spike in attacks. The ongoing diplomatic conflict has also been forcing Indian firms, especially the private and government agencies to realise the vulnerabilities amid external cyber threat. It was during this period that the Indian intelligence agencies banned 118 mobile apps with ‘links to China’ over security concerns. According to the Government, these apps ended up mining an enormous amount of data from Indian users to share it on servers outside the country, which raised cybersecurity concerns.

What can be done?

This calls for an urgent need for effective cybersecurity, which is a consequence of shared responsibility involving people, processes and technologies. After all, it is the people who emerge as the weakest link are and more vulnerable to accidentally sending sensitive information to the wrong people as cyber mafias can target any endpoint that is less protected. While organisations can leverage technological solutions to protect their email domain, networks, data and applications, they will have to emphasise on a dedicated culture of security to safeguard all their entry points from the attackers.

To start with, government agencies, India Inc. firms and financial organisations must secure their email and endpoint security. They should consider using malware detection and phishing-detection systems to detect and block potentially or threatening messages and attachments from reaching email inboxes. Meanwhile, secure remote access with firewall ensures remote users can safely access their network resources as the traffic is encrypted and there is no unauthorized exposure of user credentials or other sensitive data.

Organisations can also micro-segment their network to build multiple boundaries for the attackers to cross before gaining access to another subset of data.

A majority of the times, government organisations and bigger firms invest heavily in cybersecurity and base it only on technology, without paying much attention to the human side of the problem. Since employees are the ones with everyday access to many of the organisation’s computers, it becomes significant to provide user-awareness training and engage them in understanding cybersecurity with phishing simulation platform to build resilience in the threat landscape. This means that government organisations are required to capitalise more time and thought towards creating a sophisticated cybersecurity culture and behaviour change within their premises and cyber training is a crucial part of this process.

Meanwhile, the Indian Government that has intensely encouraged the use of technology-led citizen-centric services and programmes in the past few years, should now focus on promoting safe and secure usage of the internet and digital services. A comprehensive drive among the masses to spread awareness about cybercrime and how it can be prevented may help avert serious cyberattacks and allow the country’s law and enforcement agencies to emphasise on larger issues.