September 11, 2019 • Tier 2 regions affected on par with Metros; Patna leads the table
• Indicates threats from Google Play Store
Chennai, 11th September 2019: Indian netizens are under regular cyber-attacks with almost 1 in 3 users in the country encountering cyber-attacks in the Q1 of the current fiscal 2019–20, reveals the latest findings of K7 Computing’s Cyber Threat Monitor (CTM), which is one of the largest and deepest study on the Indian cybersecurity landscape. The study also detected that South India’s Metros – including Chennai, Bangalore and Hyderabad have witnessed more cyber-attacks than Tier1 cities in other parts of the country – North, West and East.
K7 Computing’s CTM is a quarterly report that provides an insightful look into the complex cybersecurity landscape in India and makes cyber safety recommendations that address both Enterprise and Consumer segments. As a part of this process, K7 Computing real-world telemetry data from almost 7 million unique devices and K7 Labs security incident investigation data were studied and presented in the form of an index. The report tracks all critical components like Enterprise, Mobile, Mac, Windows and IoT, covering 20 Indian cities that includes Metros, Tier1 and Tier2 regions.
According to the report, amongst Tier1 cities, Chennai has recorded the highest percentile of cyber-attacks with 48% in Q1, followed by Kolkata with 41% during the same period. The Capital city of India, Delhi has registered the lowest percentile of cyber-attacks with 28% in Q1. As per the report, cyber risk exposure steadily rises on working days in Metros, starting from Monday, and records the highest on Friday. In terms of time of day, the cyber riskiest hour in the Metros is around 4 PM and the cyber safest is around 6 AM.
The average percentage of cyber-attacks in the top dozen infected Tier2 cities was found to be worse when compared to Metros and Tier 1 regions. In the first quarter, Patna experienced the highest percentile of cyber-attacks (48%), closely followed by Guwahati (46%) and Lucknow (45%), while Thiruvananthapuram stood safest among others at 35%.
Commenting on the findings, K Purushothaman, CEO of K7 Computing said, “K7 Computing’s K7 Labs’ Cyber Threat Monitor highlights the ever-evolving threat landscape around the country and addresses the growing necessity of being more proactive in the approach towards cybersecurity. We see an increasing number of cyber-attacks in Tier 1 and Tier 2 cities, and therefore, we urge concerned stakeholders to leverage specific intelligence for countermeasures and threat hunting. As a pioneer in the industry, K7 Computing will continue to spread cybersecurity awareness and help its customers to mitigate risks by building a cyber-safe environment.”
Other key findings from the Study:
Enterprise Insecurity
• Mismanaged servers continue to be the major threat as many servers are yet to patch Oracle WebLogic vulnerabilities CVE-2019-2725 and CVE-2019-2729
• Having even a single unprotected system in the same network environment as the other critical systems will invite trouble
Vulnerabilities Galore
•Remote Desktop Protocol (RDP) based attacks continues to be a dominant type of cyber threat in the country, typically due to inadequate system configuration settings and protective infrastructure
Windows Attack
•Ransomware and Fileless attacks continued to grow faster in the country making them an ever-growing problem. The arrival of Ransomware-as-a-Service (RaaS) is helping ransomware attacks grow much faster
• Wrm.Gamerue.LNK, a component of a worm, was the most prolific type of malware artefact tracked
Mac Attack
• Whilst it has been the Windows OS which has been at the bullseye of most cyber-attacks, cybercriminals are now increasingly targeting Apple’s home-grown operating system, macOS
• Trojan attacks, at 72%, detected to be the major threat for Mac followed by Adware (18%) and PUP / PUA (Potentially Unwanted Programs / Potentially Unwanted Applications) that stood at 9%
Mobile Attack
• Jio-4G-Offer, the PUP pretending to be related to the Indian network provider “Jio”, and claiming to provide new and exclusive offers for Jio mobile users, was found to be a new and major threat for the users
• The increasing presence of PUPs/PUAs in Google Play Store has significantly broadened the threat landscape for Android mobile users
• Threat actors are targeting immensely popular categories like photo editors, beautification filter apps, music players, equalisers, fake monitors or spying apps and fake Anti-Virus apps to deliver deceptive PUPs
Internet of Things (IoT) Attack
• A majority of IoT device manufacturers and users are found to be ignorant about the necessity of optimised security, thus inviting massive-scale attacks
• Sophisticated state-sponsored threat actors or APT groups are increasingly using IoT Bonet attacks to take down several IIoT (Industrial Internet of Things) networks such as those at large banking bodies, government enterprises, hotel chains, manufacturing companies, and utilities and natural resource companies
• The report states that routers are the most vulnerable IoT devices existing in the country, followed by printers, NAS, IP cameras, media players, set-top boxes, and smart TVs
About K7 Computing:
Incorporated in 1991, K7 Computing is a global provider of innovative cyber security solutions for enterprises and consumers. With more than 20,000 channel partners, K7 Computing takes pride in protecting more than 25 million customers worldwide against the most advanced threats to their IT environment. The recent notification from the Indian Ministry of Electronics and Information Technology (MeitY) on procurement of 100% indigenous cyber security products establishes K7 Computing as the only Indian player to comply with the Public Procurement Order 2018 for Cyber Security Products.
About K7 Labs:
K7 Labs is K7 Security’s threat research division. For over 25 years, K7 Labs has been at the forefront of antimalware research and threat intelligence, enabling customers to protect their businesses and lead safe and secure digital lives. At the heart of all K7 Security solutions is K7 Labs’ protection data and Ecosystem Threat Intelligence (K7ETI) which ensures that all K7 solutions leverage the best telemetric data about an adversary’s capabilities and tactics enabling the proactive prevention, detection, and mitigation of future cyber threats and attacks. K7 Labs researchers regularly share their research work at several leading international cybersecurity research conferences such as Virus Bulletin, CARO, AMTSO, AVAR, among others.
Click here to download the full Cyber Threat Monitor
• Indicates threats from Google Play Store
Chennai, 11th September 2019: Indian netizens are under regular cyber-attacks with almost 1 in 3 users in the country encountering cyber-attacks in the Q1 of the current fiscal 2019–20, reveals the latest findings of K7 Computing’s Cyber Threat Monitor (CTM), which is one of the largest and deepest study on the Indian cybersecurity landscape. The study also detected that South India’s Metros – including Chennai, Bangalore and Hyderabad have witnessed more cyber-attacks than Tier1 cities in other parts of the country – North, West and East.
K7 Computing’s CTM is a quarterly report that provides an insightful look into the complex cybersecurity landscape in India and makes cyber safety recommendations that address both Enterprise and Consumer segments. As a part of this process, K7 Computing real-world telemetry data from almost 7 million unique devices and K7 Labs security incident investigation data were studied and presented in the form of an index. The report tracks all critical components like Enterprise, Mobile, Mac, Windows and IoT, covering 20 Indian cities that includes Metros, Tier1 and Tier2 regions.
According to the report, amongst Tier1 cities, Chennai has recorded the highest percentile of cyber-attacks with 48% in Q1, followed by Kolkata with 41% during the same period. The Capital city of India, Delhi has registered the lowest percentile of cyber-attacks with 28% in Q1. As per the report, cyber risk exposure steadily rises on working days in Metros, starting from Monday, and records the highest on Friday. In terms of time of day, the cyber riskiest hour in the Metros is around 4 PM and the cyber safest is around 6 AM.
The average percentage of cyber-attacks in the top dozen infected Tier2 cities was found to be worse when compared to Metros and Tier 1 regions. In the first quarter, Patna experienced the highest percentile of cyber-attacks (48%), closely followed by Guwahati (46%) and Lucknow (45%), while Thiruvananthapuram stood safest among others at 35%.
Commenting on the findings, K Purushothaman, CEO of K7 Computing said, “K7 Computing’s K7 Labs’ Cyber Threat Monitor highlights the ever-evolving threat landscape around the country and addresses the growing necessity of being more proactive in the approach towards cybersecurity. We see an increasing number of cyber-attacks in Tier 1 and Tier 2 cities, and therefore, we urge concerned stakeholders to leverage specific intelligence for countermeasures and threat hunting. As a pioneer in the industry, K7 Computing will continue to spread cybersecurity awareness and help its customers to mitigate risks by building a cyber-safe environment.”
Other key findings from the Study:
Enterprise Insecurity
• Mismanaged servers continue to be the major threat as many servers are yet to patch Oracle WebLogic vulnerabilities CVE-2019-2725 and CVE-2019-2729
• Having even a single unprotected system in the same network environment as the other critical systems will invite trouble
Vulnerabilities Galore
•Remote Desktop Protocol (RDP) based attacks continues to be a dominant type of cyber threat in the country, typically due to inadequate system configuration settings and protective infrastructure
Windows Attack
•Ransomware and Fileless attacks continued to grow faster in the country making them an ever-growing problem. The arrival of Ransomware-as-a-Service (RaaS) is helping ransomware attacks grow much faster
• Wrm.Gamerue.LNK, a component of a worm, was the most prolific type of malware artefact tracked
Mac Attack
• Whilst it has been the Windows OS which has been at the bullseye of most cyber-attacks, cybercriminals are now increasingly targeting Apple’s home-grown operating system, macOS
• Trojan attacks, at 72%, detected to be the major threat for Mac followed by Adware (18%) and PUP / PUA (Potentially Unwanted Programs / Potentially Unwanted Applications) that stood at 9%
Mobile Attack
• Jio-4G-Offer, the PUP pretending to be related to the Indian network provider “Jio”, and claiming to provide new and exclusive offers for Jio mobile users, was found to be a new and major threat for the users
• The increasing presence of PUPs/PUAs in Google Play Store has significantly broadened the threat landscape for Android mobile users
• Threat actors are targeting immensely popular categories like photo editors, beautification filter apps, music players, equalisers, fake monitors or spying apps and fake Anti-Virus apps to deliver deceptive PUPs
Internet of Things (IoT) Attack
• A majority of IoT device manufacturers and users are found to be ignorant about the necessity of optimised security, thus inviting massive-scale attacks
• Sophisticated state-sponsored threat actors or APT groups are increasingly using IoT Bonet attacks to take down several IIoT (Industrial Internet of Things) networks such as those at large banking bodies, government enterprises, hotel chains, manufacturing companies, and utilities and natural resource companies
• The report states that routers are the most vulnerable IoT devices existing in the country, followed by printers, NAS, IP cameras, media players, set-top boxes, and smart TVs
About K7 Computing:
Incorporated in 1991, K7 Computing is a global provider of innovative cyber security solutions for enterprises and consumers. With more than 20,000 channel partners, K7 Computing takes pride in protecting more than 25 million customers worldwide against the most advanced threats to their IT environment. The recent notification from the Indian Ministry of Electronics and Information Technology (MeitY) on procurement of 100% indigenous cyber security products establishes K7 Computing as the only Indian player to comply with the Public Procurement Order 2018 for Cyber Security Products.
About K7 Labs:
K7 Labs is K7 Security’s threat research division. For over 25 years, K7 Labs has been at the forefront of antimalware research and threat intelligence, enabling customers to protect their businesses and lead safe and secure digital lives. At the heart of all K7 Security solutions is K7 Labs’ protection data and Ecosystem Threat Intelligence (K7ETI) which ensures that all K7 solutions leverage the best telemetric data about an adversary’s capabilities and tactics enabling the proactive prevention, detection, and mitigation of future cyber threats and attacks. K7 Labs researchers regularly share their research work at several leading international cybersecurity research conferences such as Virus Bulletin, CARO, AMTSO, AVAR, among others.
Click here to download the full Cyber Threat Monitor