Seqrite reports 48% growth in enterprise malware attacks in 2019

Pune-based enterprise security solution provider Seqrite says it detected and blocked more than 146 million threats on enterprises in 2019 -- marking a year-on-year growth of 48%.

The report titled ‘Seqrite Annual Threat Report 2020’ is based on insights analysed by the anti-virus software maker Quick Heal Security Labs -- the data is sourced from enterprise endpoints and networks.

The report on the growing cyber threat to the Indian enterprise ecosystem said that manufacturing, BFSI (banking, financial services and insurance), education, healthcare, IT/ITES (information technology/information technology enabled services) and the government as the most at-risk industries in the country, as they are the most lucrative for cybercriminals.

In a recent report by Oxfordshire, United Kingdom-based network security provider Sophos expects the cybersecurity threat landscape to change over the next few years, with criminals using emerging technology to target victims. The report predicted that the year ahead will witness several advanced ransomware attacks.

“The Indian enterprises and government departments are facing an unprecedented risk in cyberspace today. Digital transformation is leaving them vulnerable to sophisticated threats and attack campaigns conducted by organised cybercrime cells and hostile nation-states with a view of disrupting the larger socio-economic activity and stealing critical, important and sensitive information,” Sanjay Katkar, joint managing director and CTO at Quick Heal Technologies, said.

One of the prominent trends the report highlighted was the drastic increase in the volume, intensity and sophistication of cyberattack campaigns targeting Indian enterprises.

The report detected and blocked over 146 million enterprise threats -- 23% of which were identified through signature-less behaviour-based detection, indicating how a growing number of cybercriminals are deploying new or previously-unknown threat vectors to compromise enterprise security, the company said in a statement.

Given the growing digital penetration in the enterprise networks, the sharp spike should be a cause for concern for CIOs (chief information officers) and CISOs (chief information security officers) in the country. With network vulnerabilities and potential entry points increasing at a rapid pace, threat actors are expected to leverage AI (artificial intelligence) capabilities to power their malware campaigns in the future to capitalise on newer attack vectors.

“We want to empower CIOs, CISOs, business leaders and all key public stakeholders with the insights they need to combat the growing complexity of the threat landscape. India’s digital journey depends on ensuring robust cybersecurity for all stakeholders within the enterprise ecosystem,” Katkar said.

The digital transformation is also giving rise to multiple cybersecurity concerns across the enterprise ecosystem. Rapid integration of IoT (internet of things) devices, BYOD (bring your own device) and third-party APIs (application program interface) into enterprise networks has created newer security vulnerabilities.

The report also highlighted several large-scale APT (advanced persistent threat) attacks deployed against organisations in the government sector, including prominent attack campaigns such as Operation m_project and BackDoor.DTrack.

The report said the continued lack of security awareness among enterprises and government organisations is alarming. “Unsecured RDP (Remote Desktop Protocol) and SMB (Server Message Block) protocols continue to be targeted through brute-force attacks. Spear phishing attack campaigns leveraging Office exploits and infected macros were also used extensively by cybercriminals to gain access to enterprise networks and steal critical data,” it said.

Recently, Moscow-based cybersecurity and anti-virus making firm Kaspersky Lab warned that cybercriminals are likely to target online payment processing systems in 2020.