Cyber Security Awareness Month: Changing Dynamics of Cyber Attacks
By Sandip Kumar Panda, Co-Founder of Instasafe technologies
India as a country has changed in the last decade. We are witnessing a new India, a technologically savvy India where digital adoption is at its peak with the rise in the number of smartphone/ mobile phone users in India.
Financial adoption fuelled by digital technology is at its highest and we see UPI transactions have hit 6.5 billion transactions in a month. Last decade India gave rise to more than 64 unicorns and majority of these unicorns are in the ecommerce space. Indians are just loving to buy things online as never before and it is going to increase further.
In contrast, with increase in financial adoption, our financial literacy and more importantly cybersecurity awareness has not increased. This has led to a massive number of cybercrime cases related to phishing scams, credential theft, and data leakages.
Not only individuals but also SMBs and enterprises are victims of cyber attacks. Even implementing some of the best cyber security tools, cyber attacks are quite common. And the majority of the attacks are successful because of human error. Humans remain the weakest link of the cybersecurity chain which most hackers exploit. Human error can be in the form of using weak passwords as credentials, clicking phishing links and disclosing confidential information assuming trust. Social Engineering is one of the techniques hackers use to manipulate and trick users to gain trust and extract confidential information from the users.
In the recent Uber cyber attack, hackers tricked Uber’s internal employee into providing account access by social engineering the victim into accepting a Multi-Factor Authentication (MFA) prompt that allowed the attacker to register their own device. This proves that even for the best of sophisticated enterprise, social engineering tactics and manipulating employees remains a vulnerable entry point for hackers.
Cyber attacks can be greatly minimized with more awareness and training to all individuals. With now everything we interact with is a digital technology, cyber security needs to be part of daily lifestyle. Some of the best practices that individuals can follow are – using different passwords for different applications, use password manager to remember passwords, use multifactor authentication to add extra security layer of authentication, assume no trust on any links that is sent your over email by unknown sources, and in case of any doubts, all reach out to your cybersecurity team for help. Together we can win. Be Cyber Aware and Cyber Conscious.