Small businesses require built-in security to protect their systems from cyber threats, according to Keshav Dhakad, Group Head & Assistant General Counsel – Corporate, External & Legal Affairs, Microsoft India.

“SMBs of all businesses need a built-in security system. They do not have teams, (or) resources, including a CISO, or a CTO. They’re not going to have that scale that they can invest in a team,” Dhakad told BusinessLine at the launch of the latest edition of Microsoft’s Security Endpoint Threat Report 2019.

“It is very critical for management, especially of large enterprises and corporations, to take note of the cyber resiliency framework that they have,” he said.

Organisations need to design the framework based on certain aspects such as “Do they have a cyber response strategy? What is their communication plan? What is their threat detection mechanism? How are they equipping not only their tech and security teams but also an everyday employee?”

“We need to move towards more data-driven protection. Data would require classification and labelling to be able to assign a particular security protocol to it. Then you have access privileges assigned on the basis of that. After that you’re verifying, you have the infrastructure, and then, of course, the network,” he further said.

Cyber threats in India

Microsoft recently released its security endpoint report detailing the overall cyber security landscape in countries across the world, including India.

According to the report, crypto currency mining encounters and drive-by download attacks were among the biggest cyber security threats for India in 2019.

These attacks involve downloading malicious code onto an unsuspecting user’s computer when the user visits a website or fills up a form. The malicious code that is downloaded is then used by an attacker to steal passwords or financial information, the report explains.

According to the report, India had the second-highest drive-by download attack volume Year-on-Year (YoY) across the Asia Pacific region with such attacks witnessing a 140 per cent increase from 2018.

“Cyber criminals capitalise on drive-by download technique to target the organisations and end-users with the objective of stealing valuable financial information or intellectual property. This is a likely reason for regional business hubs recording the highest volume of these threats,” explained Dhakad. “We’d like to emphasise that the high encounter rate does not necessarily translate into a high infection rate as the level of cyber hygiene and use of genuine software prevent the systems from getting compromised.”

Other threats included malware and ransomware encounters along with crypto currency mining.

India registered the seventh highest malware encounter rate across the region, at 5.89 per cent in the past year. This was 1.1 times higher than the regional average. The report also found that India recorded the third highest ransomware encounter rate across the region, which was two times higher than the regional average. This was despite a 35 per cent and 29 per cent decrease in malware and ransomware encounters respectively, over the past year, the report read.

Dhakad said, “While overall cyber hygiene in India has improved, we believe there is more to be done. Typically, high malware encounters are a result of excessive usage of unlicensed and/or pirated software, and the proliferation of sites that illegitimately offer free software or content, such as video streaming. Consumer education is important – users should regularly patch and update programs and devices and be able to identify unsafe websites and illegitimate software.”

Security in the time of Covid-19

These threats have only accelerated due to Covid-19. Approximately 60,000 phishing emails detected by the team globally include Covid-19-related malicious attachments or malicious URLs.

Dhakad further explained, “According to our data, we found that Covid-19-themed threats are mostly retreads of existing attacks that have been slightly altered to tie to the pandemic. This means that attackers have been pivoting their existing infrastructure, like ransomware, phishing, and other malware delivery tools, to include Covid-19 keywords, to capitalise on people’s fears. Once users click on these malicious links, attackers can infiltrate networks, steal information and monetise their attacks.”

Organisations need to invest in mulch-layered defence systems and turn on multi-factor authentication (MFA) as employees work from home, says the report. Individuals, meanwhile, should also take necessary measures to secure their systems, including updating all devices with the latest security updates and using an antivirus or anti-malware service, it said.