The world didn’t just change in 2020. It transformed—so much so that it’s been hard to keep up. And, as any cybersecurity expert will tell you, when the external world transforms—cyberspace transforms with it.
These same experts will also tell you that cyberspace isn’t ubiquitous. Every region should consider not only global trends but also country-specific developments. In other words, true comprehensive security comes when a global perspective is supplemented with a regional one. That’s why, this year, in addition to the usual global KSB reports, Kaspersky is offering a series of local predictions to ensure that—wherever you live—you can bring on a more secure 2021.
Here are some local developments in India that experts predict you should keep an eye on in the coming year:
Cyber Frauds
India's digital economy is expected to grow at a faster rate and as per the recent BCG Group and Google study said that in five years, India's digital payment itself is going to become USD 500 billion industry. Recently Facebook-owned popular instant messaging app launched its payment services in India. It allows users to send and receive money to their contacts while chatting. It uses UPI, a payment infrastructure built by a coalition of large banks in the country, to send and receive money. This year we have seen many UPI related frauds[1] and several banks have issued advisories alerting their users about the same[1]. As more options for digital payments are introduced, we can see more similar cases in the future.
The BharatNet[3] programme seeks to connect all villages in the country with optical fiber covering nearly 625,000 villages to improve telecommunications in India and reach the campaign goal of Digital India. With more users connected to the internet, the incidents related to frauds may see an uptick. The NCRB's (National Crime Record Bureau) cybercrime data[4] for 2019 shows that the motive behind most of the cases registered is fraud.
Healthcare sector
Indian has been digitizing its healthcare sector under the National Digital Health Mission[5]. The platform includes the following key feature health ID, Health Facility Registry (HFR), Personal Health Records (PHR), Electronic Medical Records, Digi-Doctor and it will also include e-pharmacy and telemedicine services. During the COVID-19 national emergency, the Ministry of Health and Family Welfare shared Telemedicine Practice Guidelines[6] on March 25 2020 to enable Registered Medical Practitioners to Provide Healthcare Using Telemedicine.
This year we have already seen incidents where medical details of over 120 million Indian patients have been leaked and made freely available on the Internet. Recently Dr Reddy’s[7] Laboratories also confirmed that a Cybersecurity breach was a ransomware attack. After a week of this incident, another Indian pharmaceutical company Lupin[8] has confirmed an information security incident that has affected multiple internal systems. The above incidents indicate that the healthcare sector is expected to see a rise in attacks during 2021.
Digitization of Micro, Small & Medium Enterprises (MSMEs)
Lockdown has made many businesses go digital and micro, small and medium enterprises (MSMEs) are no exception. The MSMEs have to ensure that this change has to be smooth. During this transition they have to ensure that they have implemented necessary network protection in place to ensure a secure remote working setup for their employees which requires investment of resources and may not be straightforward (easy) for MSMEs. We have seen incidents in the past where the network breach was the result of exploiting a vulnerable internet-facing service. Apart from securing their infrastructure they have to take essential steps to protect their customers personal information. Any loopholes in the setups may provide attackers an opportunity to go after MSMEs.
Ransomware Attacks
We already mention in our 2020 predictions[9] that ransomware will go from ransomware to targeted ransomware and we have seen a rise in this prediction during COVID-19 pandemic. We see ransomware actors like Maze, Cl0p, Nefilmi and Netwalker targeting different industries in India such as Financial Services, Oil drilling services, Pharmaceutical, Commodity and services providers, Automotive supplies, Footwear manufacturer, Professional & Consumer Services and Manufacturing & Industrials. We expect this tendency to be continued in 2021.
[2] https://twitter.com/TheOfficialSBI/status/1244616496816386048
[5] https://www.nhp.gov.in/national-digital-health-mission-(ndhm)_pg
[6] https://www.mohfw.gov.in/pdf/Telemedicine.pdf
[9] https://securelist.com/advanced-threat-predictions-for-2020/95055/