Chennai recorded the highest number of cyberattacks in the country during the fourth quarter (Q4) of 2019-20. The infection rate in Chennai stood at 42%, followed by Patna at 38% and Bengaluru, Hyderabad and Kolkata at 35% each.
This has been revealed in the Cyber Threat Monitor Report released by K7 Computing. The report analysed various cyberattacks within India during this period and found that ‘threat actors’ targeted Chennai with a variety of attacks aimed at exploiting user trust and enterprise vulnerabilities.
The report found that among Tier-I cities, Chennai, Bengaluru, Hyderabad and Kolkata recorded the highest rate of infections, while among the Tier-II cities, Patna registered the highest infection rate at 38% followed by Guwahati, Jammu and Bhubaneswar. These attacks were designed to exploit user trust and scam people for financial gains.
In Tier-I cities, threat actors predominantly targeted SMEs (small & medium enterprises) by exploiting vulnerabilities caused by the sudden shift to work from home, with SMEs still being ill-equipped to handle cyberattacks. However, the report found that there was an 8% decrease in the overall rate of cyberattacks in the country during Q4 in comparison to the previous quarter.
Threat actors continued to exploit vulnerabilities in outdated software and operating systems in this quarter. Windows XP and Windows 7 were the most at risk as Microsoft has stopped providing updates and patches to these versions.
The report revealed that attacks by rootkits like Curveball, Remote Code Execution, phishing attacks based on COVID-19 trends, and DOS attacks were popular. Complex USB attacks also saw an increase; popular among these were crypto mining malware.
“SMEs and SOHOs must invest more in ensuring the safety of their IT infrastructure. We are seeing an increasing trend of threat actors targeting enterprises with complex viruses, Trojans, and even ransomware. On an individual level, the current risks facing users are fake apps, COVID-19 apps infected with malware, and phishing attacks. The most worrying of all is the new trend of many advanced threat actors offering malware as a service to cybercriminals,” said J Kesavardhanan, founder and CEO of K7 Computing.
Some of the other key findings from the study show that modern IoT (Internet of Things) gadgets are riddled with flaws and vulnerabilities which invite threat actors to attack. Many enterprises, irrespective of their size, are more likely to overlook IoT related security compared to other connected devices.
Popular Wi-Fi chipsets from Broadcom and Cypress have been affected by a vulnerability that allows unauthorised decryption of WPA2-encrypted traffic. It is believed that more than a billion devices could be exploited by this vulnerability, the report says.
As far as mobile devices are concerned, it has been observed that the number of Trojan infections has increased by 14%. Threat actors are increasingly rolling out complex Trojan-based apps that steal victims’ banking credentials. The notorious Operation Cerberus banking Trojan was primarily seen targeting Indian banking users.
Regarding the Apple Mac, many Potentially Unwanted Programs (PUPs) and adware were found, compared to malicious Trojans. The frequency of adware has reduced by 9%, while PUPs and Trojans have shot up by 2% and 7% respectively. Among the PUPs, MacKeeper topped the chart with a presence of 85% implying that most macOS users have been targeted by this infamous PUP, the report adds.
Experts at K7 Labs predict that the number of COVID-19 themed attacks and complex Trojan attacks will continue to increase in the next quarter. This will be further exacerbated by the increase in threats from amateur attackers who purchase malware related services to launch attacks at various individual and enterprise targets.
To help mitigate these threats, experts advise netizens to keep their systems updated with the latest patches, avoid using pirated software, install and use a reputed antivirus product, and practise proper digital hygiene.