Symantec has released its latest Internet Security Threat Report, which suggests that smaller and emerging cities such as Bhubaneshwar, Surat, Cochin, Jaipur, Vishakhapatnam and Indore are facing risks of cyber attacks, with 23 percent of bot-infections in India reported in such cities. The report further shows that advanced targeted attacks are spreading beyond the more commonly assumed target of large organisations with 50 percent targeting small and medium organisations in 2011. In addition, the report highlights that while the number of vulnerabilities decreased by 20 percent, the number of malicious attacks continued to skyrocket by 81 percent.
“Augmented by broadband penetration, smaller and emerging cities of India are exploring opportunities offered by the virtual world, in turn creating a new lucrative pool of targets for cyber criminals to exploit,” Shantanu Ghosh, vice president and managing director, India Product Operations, Symantec. “Lack of awareness and low adoption of security measures makes these cities susceptible to cyber threats and warrants greater vigilance in protecting information assets.”
Small and emerging cities such as Bhubaneshwar, Surat, Cochin, Jaipur, Vishakhapatnam and Indore have a high proportion of SMBs and industry clusters. The Symantec report observed a sizeable 25 percent of bot-infected computers in these cities, indicating that these locations are being inducted as part of a network of compromised computers. Additionally, some cities that repeatedly appear in the list for origin of phishing in India - Ahmedabad, Nashikand Coimbatore also figure in the list of bot-infections.
On targeted attacks, the report says such attacks are rising, with the number of daily targeted attacks increasing from 77 per day to 82 per day by the end of 2011. Targeted attacks use social engineering and customized malware to gain unauthorized access to sensitive information. These advanced attacks have traditionally focused on public sector and government; however, in 2011, targeted attacks diversified.
The report also highlights targeted attacks are no longer limited to large organisations. More than 50 percent of such attacks target organizations with fewer than 2,500 employees, and almost 18 percent target companies with fewer than 250 employees.
Approximately 1.1 million identities were stolen per data breach on average in 2011, according to the report. Hacking incidents posed the greatest threat, exposing 187 million identities in 2011—the greatest number for any type of breach last year. However, the most frequent cause of data breaches that could facilitate identity theft was theft or loss of a computer or other medium on which data is stored or transmitted, such as a smartphone, USB key or a backup device. These theft-or loss-related breaches exposed 18.5 million identities.
Mobile vulnerabilities increased by 93 percent in 2011. At the same time, there was a rise in threats targeting the Android operating system, reveals the report.