The number of cybersecurity attacks in the country is increasing. Around 86% of affected Indian users are still far away from Microsoft Windows 10. Using outdated OS versions is highly risky, even when the system is within the internal network. Here, Mr. K. Purushothaman elaborates on how the cyber threat is increasing and how it can be resolved. Excerpts:
DQ: What do you foresee/expect from the cybersecurity industry?
K. Purushothaman: The use of AI-based technologies, such as machine learning, based on big data, will continue at a high pace, along with threat intelligence, spreading to being used at various security protection layers on the endpoint, network, devices, containers, and on the cloud. Such technologies would need to be accelerated to provide robust security solutions for smart city projects. However, technology is insufficient by itself.
There would also be an increasing need for more skilled security experts to make sense of contextual information, and act upon it quickly and effectively. Many more companies are likely to invest in dedicated security and incident response teams to protect their IT infrastructure. However, such skilled professionals would continue to be very difficult to source in the job market anywhere in the world. A report says 74% of organizations are impacted by cybersecurity skills shortage. Another report by Cybersecurity Ventures estimates there will be 3.5 million unfilled cybersecurity jobs by 2021.
We noticed a spike in the number of ransomware attacks in the country. Interestingly, the attacks on end-users have decreased, while the picture is the other way around for the enterprise and SMEs across the country. The inclination clearly speaks about their changing intention — hackers don’t work for fun anymore. Moreover, the rising number of cryptomining is a prominent example.
Interest in cryptocurrency has grown in tandem with Bitcoin’s growing value in recent months. As a result, cyber criminals are ramping up efforts to obtain digital money in dishonest ways. Though the value of various cryptocurrencies will surely fluctuate going forward, the price surge we saw late last year was dramatic enough that online thieves will continue to focus on illicit mining code, with the expectation that there will be more value spikes in the future to cash in on.
In the smartphone world, Potentially Unwanted Programs (PUPs) and Potentially Unwanted Applications (PUAs), masquerading as legitimate apps, are increasingly used to victimize the users. Since Google Play Store regularly scans all the existing apps in its platform, cyberthugs prefer external websites and third-party app stores to trick users into downloading and installing them.
We found tens and hundreds of such PUAs every month, out of which many are adware. Simply put, adware catapults the users to download another app on the device or redirects to other app download links. Another infamous adware, dubbed Hiddad, increases its trustworthiness in the Google Play Store by coercing the user for an excellent rating to increase its visibility under a particular category.
Attacks on systems will continue, due to non-updation of the operating system or an unsupported operating system. We found that a large number of users in the country still rely on older, unsupported OS versions of Microsoft Windows, many of them despite knowing the associated risks.
From K7 Labs’ telemetry data concerning threat blocking, we found around 86% of affected Indian users are still far away from Microsoft Windows 10. Around 2% of affected users are still using old versions of Windows XP even after the end of support. More than half of the affected Indian users (56%) are still using versions of Windows 7, though Microsoft already stopped its mainstream support in 2015, and announced the end of extended support in January 2020.
Using all these dated OS versions is highly risky, even when the system is within the internal network. The malware can pivot to internal networks from other Internet-enabled devices on the same internal network. Besides upgrading their OS, users must also install patches, whenever available, especially for critical vulnerabilities. The volume of malware, targeted and designed to run exclusively on Windows computers, still dominates the total number of samples.
DQ: Is there any vital prediction that can be seen in 2019?
K. Purushothaman: Malicious cryptominers will continue to expand into new types of devices such as those in the IoT (routers, smart TVs, smart washing machines, smart cars, etc.), in addition to adapting further to increase their footprint on different operating systems (Mac, Linux, Android, etc.) and platforms, such as cloud services.
Since many enterprises are shifting their infrastructure to cloud-based platforms, i.e., to data centers, the attackers would target those platforms at an increasing rate. Social engineering and vulnerability exploitation are most likely to be starting points for these attacks too. There have already been several reports of attacks or attempted attacks on Microsoft’s Office 365 platform.
More countries will begin to introduce stringent data-privacy regulations similar to GDPR, which would make it mandatory for companies in more and more countries to maintain detailed records of their IT infrastructure, and disclose any breaches within designated timeframes, apart from other compliance requirements.
Finally, supply chain attacks targeting the software creation process of popular apps will continue to be high-value prey for sophisticated cyber assailants. Supply chain attacks, such as that used in the NotPetya malware campaign, can be penetrative and lethal.
DQ: What solutions can protect SMEs from data security thefts?
K. Purushothaman: Here are some suggestions:
- Apply critical security patches, especially on public-facing servers, and keep end-point security software up-to-date.
- Employ strong authentication, especially for public-facing services such as RDP and WebApps.
- Upgrade Microsoft Windows OS users to fully-licensed Windows 10.
- Ignore emails from unknown sources, thus avoiding becoming a victim of phishing and spearphishing attacks. We also recommend that you pay close attention to emails and never click or share if you receive any suspicious file as an attachment.
- Install a security suite, which ensures defense against malware at all security levels, from URL to file-based to behavioral protection, including a heuristic anti-ransomware product feature and Hosts Intrusion Prevention features to monitor running processes like PowerShell and flag up fileless attacks.
- Use complex passwords (not to mention, changing passwords regularly).
- Disable the PowerShell feature when not needed.
- Do not open or forward any email attachment that looks suspicious or that you weren’t expecting.
- Continuously update and train incident response personnel to ensure efficiency. SMEs should consider increasing their staff awareness of risks, and engage them in the process of preventing, detecting, and responding to cyberattacks.
- Train your employees about how and when to report an incident.
K7 Computing is already in the process of building cybersecurity awareness through its sister concern, K7 Academy, by offering myriad cybersecurity courses to cater to specific requirements.
DQ: What is K7 Computing’s growth & future plans?
K. Purushothaman: K7 Computing is going to do a deep dive into the enterprise segment with an array of products and solutions, creating an impact for K7 in the segment. K7 Computing will also be established in new geographies this year.
K7 Computing, with a rich 27 years of experience, as the first cyber security product company with a “Make in India” customized engine, has also established the K7 Academy to create future cyber security experts. This academy helps students and professionals passionate about cyber security, by not just providing in-depth learning, but also exposing them to the state-of-the-art lab facility, and training by working cybersecurity specialists.
There is a huge need for such professionals across the globe. We have tied up with some of the services companies which have been recruiting from this academy. While the K7 Academy intends to support all those passionate about cybersecurity, it also conducts several seminars and tests before getting the students and professionals enrolled for the programs and thus focuses on creating quality professionals.
DQ: Finally, please tell us about the new product launches.
K. Purushothaman: K7 Computing has plans to launch a dedicated product for the Small Office/Home Office (SOHO) category. Discussions with many partners are in progress. This financial year will see the launch of the new SOHO product by K7 Computing, which will be a substitute for CIOs in the SME space.