India’s cyber-threat share rises in 2018: Symantec

India’s percentage share of global cyber threats rose from five per cent in 2017 to eight per cent in 2018, with its global rank remaining the same at number three, said a report by cybersecurity firm Symantec Corp, adding that in the Asia-Pacific region the country came second.

The report said that the US and China, globally ranked one and two, respectively, have shown a decline in the number of cyberattacks in 2018 – offering a sharp contrast to India, which is trailed by Brazil and Vietnam in that order on the global cyber threat list for 2018.

The report also shares that cybercriminals are adopting newer methods as returns from cryptojacking slow down. Under cryptojacking, cyber criminals use victims’ devices to mine cryptocurrencies without their knowledge, said Symantec.

“Faced with diminishing returns from cryptojacking, cyber criminals are doubling down on alternative methods, such as formjacking, to make money,” the company said in a statement.

Formjacking, said Symantec, uses malicious JavaScript code to steal credit card details and other information from payment forms on the checkout web pages of e-commerce sites. 

On average, more than 4,800 websites are compromised with formjacking code every month globally, the report said.

“Formjacking represents a serious threat for both businesses and consumers,” said Greg Clark, CEO, Symantec. “Consumers have no way to know if they are visiting an infected online retailer without using a comprehensive security solution. For enterprises, the skyrocketing increase in formjacking reflects the growing risk of supply-chain attacks, not to mention the reputational and liability risks businesses face when compromised.”

The report further said that 2018 brought drop-offs in cryptomining activity, primarily due to declining cryptocurrency values and increasing adoption of cloud and mobile computing.

Although cryptojacking peaked early last year, it declined 52% throughout the course of 2018, Symantec said.

Newer methods include supply chain and living off the land (LotL) attacks, which ballooned 78% in 2018, the report said.

LotL techniques allow attackers to maintain a low profile and hide their activity in a mass of legitimate processes. For example, the use of malicious PowerShell scripts increased 1,000% last year.

The report also said that the volume of Internet of Things (IoT) attacks remained high and consistent in 2018 compared with the previous year.

“With an increasing trend towards the convergence of information technology (IT) and industrial IoT, the next cyber battlefield is operational technology,” said Ajathashatru Varma, director, Symantec Cyber Security Services, India. “A growing number of groups, such as Thrip and Triton, are displaying interest in compromising operational systems and industrial control systems to potentially prepare for cyber warfare.”