You are here: Home » PTI Stories » National » News
Business Standard

Personal information data breach looms large in India: Verizon

Press Trust of India  |  New Delhi 

Lack of strong and legislations makes highly vulnerable to data breaches related to personal information, according to digital network solution firm

"Specifically with respect to India, the threat of PII (personally identifiable information also called sensitive personal information) data breaches looms large due to lack of a strong and legislation," Enterprise Solutions, Managing Principal for APJ, said.

The company today released investigations report (DBIR) which found that social engineering targeting personal information in education segment is high, which is then used for identity fraud.

"Highly sensitive research is also at risk, with 20 percent of attacks motivated by espionage. Eleven percent of attacks also have fun as the motive rather than financial gain," the report said.

Thapar said that with hyper increase of e-commerce, and transactions and the rate at which and 4G penetration is increasing in India, other threats such as phishing, pretexting, ransomware, cryptojacking, botnet infections and DDoS have become all the more worrisome in today's scenario.

The DBIR said ransomware, a malware which locks computers and frees it after getting money, attacks double since 2017 and now

"Ransomware attacks are a key cybersecurity threat for global organisations. It is the most common type of malware, found in 39 percent of malware-related data breaches double that of last year's DBIR, and accounts for over 700 incidents - is no exception to this trend according to our investigation caseloads," Thapar said.

According to the report, human factor continues to be weak link in cyber security breaches with employees of companies still falling victim to social attacks.

"Financial pretexting and phishing represent 98 per cent of social incidents and 93 percent of all breaches investigated with email continuing to be the main entry point (96 per cent of cases). Companies are nearly three times more likely to get breached by social attacks than via actual vulnerabilities, emphasizing the need for ongoing employee cybersecurity education," the report said.

It further said that while on average 78 percent of people did not fail a phishing (misleading e-mails, website links etc) test last year, 4 percent of people do for any given phishing campaign.

"A cyber criminal only needs one victim to get access into an organization," the report said.

It said that one security breach can have multiple attackers and the study by the company found that 72 per cent of attacks were perpetrated by outsiders, 27 per cent involved internal actors, 2 per cent involved partners and 2 per cent feature multiple partners.

"Organised crime groups still account for 50 percent of the attacks analysed," the report said.

(This story has not been edited by Business Standard staff and is auto-generated from a syndicated feed.)

First Published: Tue, April 10 2018. 22:40 IST
RECOMMENDED FOR YOU