Cyber Security Attacks in India to Date

If you are doing business in India or simply want to avoid surveillance and hackers, your best bet is a virtual private network, like Surfshark.

What is a VPN and how does it work?

A virtual private network is an encrypted connection from your physical location to a remote server. The VPN conceals your activity from your service provider, who knows you are online but cannot track where you are going or where you have been. A VPN bypasses user restriction as well. Log on through a VPN server in India here https://surfshark.com/servers/india and gain access to popular Hotstar, SonyLIV, as well as a local Netflix library.

When you log into a “no-logs” VPN service like Surfshark, except for required technical monitoring, the VPN service cannot glean, harvest, nor sell your usage data to marketers. User internet activity, even if anonymous, is the ever-increasing big data that guides advertising, marketing, and—yes—surveillance activity.

For example, in India the 1883 Indian Telegraph Act allows the government to legally spy on its citizens. Anyone accessing or using an India-based web service is vulnerable to that surveillance as well as rampant cyber-security issues that have plagued this huge nation.

Why you need a VPN in India

Business is booming for cybersecurity insurance companies in India. According to LiveMint.com, the demand for cyber risk insurance in India by 40% in 2018. That demand was driven by at least four factors:

1. Because of the massive growth of its Internet population (about 60 million a month), India is one of the top least cyber secure countries in the world.
2. India has recently been the second most victimized country with an increase of 22% in cyber-attacks. (See below for just a few examples.)
3. There is a lack of uniformity in devices and software used for internet access. India has a vast population with income groups where not everyone can afford expensive, more secure phones and computers. For example. technically advanced iPhones comprise less than 1% of mobile users in India.
4. Most alarmingly, there is no national architecture for cyber-security. The critical digital infrastructure in India is run and owned by the private sector. There is a vulnerable lack of separation of cyber assets and controls as well as no national system or structure to unify the efforts of private and government agencies to address and tackle threats.

Unfortunately, India is years away from solving this problem, despite its Prime Minister’s office new management position to address the foregoing. In 2019, according to an article by Palavi Duta, 69% of Indian firms faced serious cyber-attacks. Most attacked were the Indian metropolises of Mumbai, New Delhi, and Bengaluru. CISCO’s annual Cyber Security Report found that 53% of cyber-attacks cost Indian organizations more than $500,000 that year.

Particularly vulnerable is India’s financial system. Reacting to an alarming report from a Singapore-based cyber-security firm that 1.2 million debit cards were available on line, India’s central bank sounded the alarm.

Likewise, as India, with a population in excess of a billion more than the United States, moves more to government-encouraged online banking, the digital literacy of its masses has not kept pace. With 600 million users on line and a large number of guest workers unfamiliar with the local language, India’s bank customers are particularly vulnerable to fraud.

A nightmare compendium of major cyber-security attacks in India

Not surprisingly, the biggest cyber-attacks in India have focused on banks. In the leapfrog contest between hackers and fixers, cyber-criminals in India are so far ahead of the game. Specifically:

• A breach of the Cosmos Bank in the western city of Pune, India, shook the Indian Banking sector when hackers over a period of years stole nearly $13 million. Hackers siphoned that loot from the bank’s ATM servers and hacked online transfers as international hackers moved quickly to withdraw the money.
• Two Navi Mumbai hackers were nabbed after transferring about $540,000 from hacked bank accounts. The culprits gained access to user’s smartphone SIM cards and blocked diverted banking transactions with the help of fake documents. They compounded the theft through breaches of targeted companies.
• In mid-2018 criminals rigged the Indian Canara bank ATM servers with skimmers and made off with over $27,000 from users’ accounts. The breach also compromised ATM details of more than 300 bank customers.

Other sectors in India have been targeted as well:

• In a breathtaking data breach involving nearly 1.1 billion Indian Aadhaar cardholders, the Indian government websites leaked personal details of cardholders online. This compromise would be comparable to a massive breach of the U.S. Social Security and IRS databases.
• In the Indian version of a HIPAA breach, An Indian healthcare website was breached. Hackers stole nearly 7 million patient and physician records. Patient records are loaded with other private information and are lucrative targets for those who deal in the dark web.
• India was, according to an Analytics in Indiapiece, among “the top nations which came under ransomware attacks in 2019.” Ransomware demands were as high as $5 million.

India’s cyber-attack defense is lagging

Writing for Analytics in India Magazine, Yeshey Rabzyor Yolmo writes that the authorities in India have not been up to the task. Yolmo reports, “Their reluctance to divulge information is worrisome.” He cites several examples of reticent and slow responses and a stonewalling refusal to own up to their mistakes.

Equally telling is Yolmo’s quote of a former Indian telecom secretary: “Globally, the trend is to have overarching agencies for better command and control. It is time we also have a similar structure…”

Conclusion

If you are going online in India, you should use a secure VPN like Surfshark. The VPN provides an encrypted connection that hides your location and protects your privacy. The added layer of security and privacy is another line of defense against surveillance and hacking that has plagued this huge country over recent years. The Indian cyber-defense capability has yet to match the threat.

Beware of so-called free VPN services, which can harvest your data and litter your experience with annoying popup ads. You need a subscription-based no-logs VPN service like Surfshark to plug the privacy and security gap.