According to Norton’s “Internet Security Threat” report, India has 4.2 crore Cyber Crime victims in 2012. (Report in Business Standard).
According to the report, the total cost of Cyber Crimes globally is US$110 billion( approx: Rs 6,60,000 crores) of which the cost of crimes in India is around us$ 8 billion (Rs 48,000 crores).
The report reveals a 58 per cent increase in mobile malware. Fifty percent of mobile malware created in 2012 attempted to steal our information or track our movements.
Thirty-two per cent of mobile threats are attempts to steal e-mail IDs and telephone numbers and 61 per cent of malicious web sites are legitimate and are compromised and infected with a malicious code.
The top five web sites hosting infections include business, technology and shopping web sites. Sixteen gangs are active in ransomeware.
Detailed reports can be accessed here.
Another important observation is that 50 percent of all targeted attacks were aimed at businesses with fewer than 2,500 employees. In fact, the largest growth area for targeted attacks in 2012 was businesses with fewer than 250 employees; 31 percent of all attacks targeted them. This indicates that “Small Businesses” are increasingly targetted by criminals.
It is also interesting to note that within an organization, the most frequently targeted job role was in R&D, which accounted for 27 percent of attacks probably indicating that IPR theft as a target or espionage by competitors.
The total number of new vulnerabilities reported in 2012 stood at 5,291. This figure works out to approximately 101 new vulnerabilities a week. Compared with the number from 2011, which was 4,989, it represents an increase of 6 percent from that of 2011. All of the top five vulnerabilities were several years old with patches available. 12 Zero day vulnerabilities including 3 browser based vulnerabilities were identified during the year.
Corporates may take note that “Watering hole based attack” has grown as a strategy of targetted attacks. In this strategy, genuine websites expected to be visited by targeted members are infected with trojans which automatically download themselves to the visitors. We may recall that Bank of India website, Deccan Herald websites were among such compromised websites that Indians have come across in the past. This underscrores the need for all website managers to tighten the security at hosting level to mitigate such risks.