In today’s digital age, where technology has permeated every aspect of our lives, the importance of cybersecurity cannot be overlooked, as cyber threats have become increasingly sophisticated and pervasive. Constantly evolving tactics, the use of advanced techniques such as ransomware, phishing attacks and data breaches to target individuals, businesses and even governments are rampant.
Sophos’s report “The State of Ransomware 2021” states that in 2020, the average cost of a ransomware attack on businesses reached close to Rs 8.5 crore, a 200 per cent increase from the previous year. While, the “Cost of a Data Breach Report 2020” by IMB security revealed that in 2020, the average data breach cost was USD 3.86 million and it took an average of 280 days to identify and contain a breach.
According to Microsoft’s Global Tech Support Scam Research, 31 per cent of Indians lost money to cyberattacks in 2022. Every day, citizens in the state of Gujarat alone collectively lose Rs 1 to 1.2 crore to online financial fraud, according to the cyber cell of Gujarat CID. Thus, the consequences of these attacks can be devastating, ranging from financial loss to reputational damage and, in some cases, even endangering lives.
Expanding Attack Surfaces
According to Sanjay Katkar, Joint Managing Director of Quick Heal Technologies, “One of the key challenges in today’s cybersecurity landscape is the ever-expanding attack surface. With the proliferation of Internet of Things (IoT) devices, cloud computing and the widespread adoption of mobile devices, we have seen an exponential increase in the number of entry points for cybercriminals to exploit. Mobile device usage has become pervasive.”
According to Statista’s report on the number of smartphone users worldwide from 2016 to 2023, as of 2021, there were over 3.8 billion smartphone users worldwide which is expected to reach 4.3 billion by 2023.
The number of IoT devices is also increasing at a rapid pace. By 2025, there will be over 75 billion connected IoT devices worldwide, as per Statista’s report on “Internet of Things (IoT) connected devices installed base worldwide from 2015 to 2025.” It is essential for organisations to be proactive in their approach to cybersecurity, continuously monitoring and securing all interconnected devices and systems, Katkar said.
Katkar also said that we face an array of sophisticated threats such as ransomware, advanced persistent threats (APTs) and zero-day vulnerabilities, which are exploited by attackers. Also, Google’s Project Zero revealed that a total of 18 zero days came to light in the first half of 2022 itself, half of which were variants of old ones.
These threats are often highly targeted, seeking to exploit specific weaknesses within an organisation’s defences. It is no longer sufficient to rely solely on traditional antivirus software. Instead, a multi-layered approach to security is necessary, incorporating advanced threat detection technologies, behavioural analytics and real-time threat intelligence.
Another significant challenge in the evolving cyber threat landscape is the rise of nation-state-sponsored attacks. State-sponsored hacking activities have gained prominence, with governments leveraging cyber espionage and cyber warfare as tools for political and economic advantage. These attacks can have severe implications for national security and require a robust defence mechanism that can detect and mitigate such threats effectively.
The SolarWinds attack, attributed to Russian state-sponsored hackers, affected numerous government agencies and organisations, highlighting the severity of nation-state threats (Source: Cybersecurity and Infrastructure Security Agency (CISA), “Activity Alert AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organisations).” Closer to home, All India Institute of Medical Sciences (AIIMS), one of the premier healthcare institutions in the country, has suffered cybersecurity breaches twice this year. Another cyberattack targeting the CoWIN portal exposed the personal data of several Indian citizens – including high-profile political leaders – who had uploaded their information on the vaccination platform.
Collaboration between governments, private sector organisations and cybersecurity experts is crucial to combatting these complex threats.
Harnessing Technology for Security
The evolving landscape of cyber threats requires adapting and enhancing defence mechanisms constantly. Traditional security approaches are needed in combating these sophisticated attacks and need a proactive and multi-layered defence strategy that encompasses technology, people and processes. Effective cybersecurity requires a holistic approach that addresses both preventive and responsive measures.
Machine learning and artificial intelligence enhance cybersecurity capabilities. According to a survey by Capgemini, “Reinventing Cybersecurity with Artificial Intelligence: The New Frontier in Digital Security,” 61 per cent of organisations have implemented AI in their cybersecurity strategies to detect and respond to threats effectively.
Katkar believes that organisations must invest in cutting-edge technologies that can detect and mitigate cyber threats in real time. Machine learning and artificial intelligence are revolutionising the field of cybersecurity, enabling to analyse vast amounts of data and identify patterns that indicate potential threats. By leveraging these technologies, organisations proactively detect and neutralise threats before they cause significant damage.
Beyond Antivirus
Technology alone is not enough in preventing security lapses in the digital world. Cybersecurity is a shared responsibility and it requires a collaborative effort from individuals, businesses and governments. It is essential to educate and raise awareness among individuals about the risks and best practices to protect themselves online. Individuals can take preventive measures to protect themselves. According to Google, using two-factor authentication can prevent 99.9 per cent of automated attacks on Google accounts. Basic measures such as using strong passwords, keeping software up to date and being cautious of suspicious emails or links can go a long way in preventing cyberattacks.
For businesses, it is crucial to prioritise cybersecurity and establish robust protocols to safeguard their data and systems including implementing strong access controls, conducting regular vulnerability assessments and training employees on cybersecurity best practices.
Additionally, organisations must be prepared for the worst-case scenario by developing an effective incident response plan. Governments also play a vital role in creating a secure digital ecosystem, which is why they need to enact and enforce robust cybersecurity regulations that promote information sharing, collaboration and accountability.
The evolving landscape of cyber threats demands a proactive and robust approach to cybersecurity. “As individuals, organisations and nations, we must recognise the importance of investing in advanced defence mechanisms, continuously updating our systems and staying informed about the latest threats. Cybersecurity is not a luxury, it is a necessity in our interconnected world,” Katkar said.