New Delhi: Nearly 40 per cent of over 53,000 cyber attacks in India occurred in the financial services sector during 2017, placing it at the seventh spot in the list of targeted countries for Web Application Attacks (WAA), a new report said on Wednesday.

Security incidents like phishing, website intrusions and defacements, virus and ransomware targeted the rapidly growing Banking, Financial services and Insurance (BFSI) sector in India, warranting a robust infrastructure and planned roadmap for cybersecurity, said the report from content delivery network services Akamai Technologies. 

“A key motive of attackers has always been financial profit. In the past few years, we have seen adversaries move to more direct methods to achieve that goal such as ransomware,” noted Martin McKeay, Senior Security Advocate at Akamai.

“Crypto-mining offers attackers the most direct avenue to monetise efforts by putting money immediately into their crypto wallets,” he added.

While India maintained the same position in the third quarter last year, it is interesting to note that the attacks sourced have seen a drop of approximately four million in number as compared to last quarter; the report, titled “Akamai State of the Internet Security Q4 2017”said. 

About Akamai

It is one of world’s largest and trusted cloud delivery platform.

It uses its globally distributed Akamai Intelligent Platform to process trillions of Internet transactions each day.

This allows the platform to gather massive amounts of data on metrics related to broadband connectivity, cloud security, and media delivery.

The State of the Internet report was created to enable businesses and governments to make better strategic decisions by using the data collected and the insights it offers.

The reports are published by Akamai in each quarter with a focus on broadband connectivity and cloud security.

The reports cover the origins, tactics, types and targets of cyber-attacks and emerging threats and trends.

The newly-released data that analysed more than 7.3 trillion bot requests per month found a sharp increase in the threat of credential abuse, with more than 40 per cent of login attempts being malicious. 

This indicates that DDoS attacks remain a consistent threat and the Mirai botnet is still capable of strong bursts of activity.

Akamai's findings also confirmed that the total number of DDoS attacks last quarter increased 14 per cent from the same time last year.

Type of Attacks:

DDoS Update / Distributed Denial of Service (DDoS) attacks: These attacks can bring down websites, disrupt businesses, and divert resources, sometimes serving as cover for more insidious data or systems breaches.

Web Application Attacks Update: In contrast to DDoS attacks, web application attacks typically target application vulnerabilities in order to steal data or otherwise compromise the underlying system. These attacks are much more common than DDoS attacks, with attackers often simply scanning the Internet for vulnerable sites to victimise.

Key Highlights of the Report:

The report reveals that security incidents such as phishing, website intrusions and defacements, virus and ransomware have targeted the rapidly growing of the Banking, Financial Services and Insurance (BFSI) sector in India.

It also stated that the Distributed Denial of Service (DDoS) attack frequency in the BFSI sector increased by 50 per cent in the fourth quarter of 2017 over the last quarter.

It also placed India seventh in the list of the top source countries for WAA.

While India maintained the same position in the third quarter last year, the attacks sourced saw a drop of approximately four million in number as compared to last quarter.

Other highlights from Akamai’s Fourth Quarter, 2017 State of the Internet / Security Report include:

The hospitality industry suffered as the biggest target of fraudulent credential attacks, with 82 percent of their login attempts being from malicious botnets.

The financial industry saw a sharp increase in the number of DDoS attacks, experiencing 298 DDoS attacks against 37 distinct organizations last quarter.

Application layer DDoS attacks such as GET, PUSH and POST floods increased in volume in Q4 by 115 percent since Q3.

There was a 31 percent increase in DDoS attacks sourcing from the U.S. last quarter (Q4 2017) compared to the same timeframe last year (Q4 2016).

Akamai saw 146 Petabytes of traffic in November and 145 Petabytes in December of bot traffic alone, which translates to approximately 550 Mbps.

Akamai mitigated 4,364 attack events on the routed platform in the fourth quarter of 2017. In total, Akamai experienced 15,965 attack events throughout 2017.

References:

https://www.thenewsminute.com

http://indianexpress.com

https://www.jagranjosh.com