Date:15/03/2009 URL: http://www.thehindu.com/2009/03/15/stories/2009031555111000.htm
Front Page Economic decline may hurt online security, says expert T. Ramachandran Phishing attacks and other fraudulent activity will increase KOCHI: The decline in the global economy is one of the factors that will impact online security in 2009, with phishing attacks and other fraudulent activity of a financial nature increasing during the year, say experts. Phishing, which involves stealing or appropriation of personal information for misuse, has emerged as a major cyberthreat today. Shantanu Ghosh, vice-president, India Product Operations, of the security and information management company, Symantec, said phishing attacks had been growing in India. A Symantec report released in December revealed that India accounted for four per cent of the fraud attacks using IP addresses, and also found itself in a "prominent position among countries hosting such sites." "In the last year, Symantec observed over 600 phishing URLs with IP addresses hosted in India," he said, explaining that many Indian companies from banks to airlines and retailers were the targets. Over 1,000 unique phishing attacks occurred on reputed Indian banks during the past year alone. "Though many top banks have made headlines as targets of phishing attacks, smaller banks and businesses have not been spared either. The fact that phishing attacks have now permeated the smaller businesses and cities only makes it a larger concern," he said. "Even smaller cities like Jaipur have come under the radar of phishing attacks, fast becoming a hub for hosting phishing sites." Other cyberthreats What other cyberthreats are likely to be seen most during 2009? New strains of malicious software, or malware, which "consist of millions of distinct threats that propagate as a single, core piece of malware," advanced Web-based threats that capitalise on the growing number of Web services being offered globally, increasing attacks on social networks and a significant increase in spam could be key trends in the coming months. Malicious activity in the form of worms, viruses and trojans (various kinds of malicious code) was on the rise in India. Referring to another Symantec report issued in 2008, Mr. Ghosh said more than 65 per cent of malicious attacks in India were through worms (programs that replicate themselves automatically) as compared to the global average of 22 per cent. India had 38,502 bot-infected (malicious code that could render a computer vulnerable to being controlled remotely) computers and more than 60 command and control servers, a 50 per cent increase from the last reporting period. While 56 per cent of such computers were located in Mumbai, 16 per cent were traced to Chennai and 14 per cent to New Delhi. The results of the 'Online Wellbeing survey' released in February, which included users from India for the first time, revealed that as many as 70 per cent of them depended on the security software they had purchased or the security service from their Internet Service Provider for warding off threats. Globally, 67 per cent of those surveyed were aware that they needed "more than anti-virus to keep them safe and almost 90 per cent knew that they can get infected by visiting a malicious website, even if they don't download anything." Though 92 per cent of the users had security software installed in their computers, only 21 per cent knew about the need for keeping their antivirus software updated "several times a day." An Information Systems Security Survey 2007-08 conducted by the Indian Computer Emergency Response Team, the Federation of Indian Chambers of Commerce and Industry and PricewaterhouseCoopers, which covered more than 140 organisations from a broad range of industries, noted that compared to the past, a smaller percentage of organisations suffered security breaches, with viruses being the main culprit (68 per cent). To unsubscribe send a message to accessindia-requ...@accessindia.org.in with the subject unsubscribe. To change your subscription to digest mode or make any other changes, please visit the list home page at http://accessindia.org.in/mailman/listinfo/accessindia_accessindia.org.in