The review for last quarter of 2018 reveals that 30.1% computer users in India were hit by a web-based attack.
The year 2018 was challenging for the cyber world, including in India. Kaspersky Lab’s threat review for the last quarter of 2018 reveals that 30.1% of computer users in India were hit by a web-based attack, and over half (52.4%) were targeted by a local threat, such as an infected USB device.
The quarterly threat overview is based on data obtained and processed using the Kaspersky Security Network (KSN) and provides global and regional insight on the mainline online and computer threats.
Online (web threats)
Attacks via browsers are the primary method for spreading malicious programs to unsuspecting users. In the period of October-December 2018, Kaspersky Lab products detected 39,718,184 different internet-borne cyberthreats on the computers of KSN participants in India (30.1% of users). This places India in 21st place worldwide when it comes to the dangers associated with surfing the web.
The following methods were used most often by cybercriminals to penetrate systems:
• Exploiting vulnerabilities in browsers and their plugins (drive-by download)
In such incidents, attackers take advantage of bugs in the software of popular browsers or plugins to infect users visiting the compromised website. Infection happens without any intervention from the user and without their knowledge. Many attacks use this approach to target victims, sometimes using ‘file-less’ malware, which is hard to detect and remove.
• Social engineering.
Another widely used distribution method for web-borne threats is social engineering. These attacks require user participation, with targets duped into clicking on a link and downloading a malicious file to their computer.
Local (computer-based) threats
Worms and file viruses account for the majority of computer-based incidents, with the infection often occurring via removable USB drives, CDs and DVDs, and other “offline” methods.
In the period October-December 2018, Kaspersky Lab products detected 66,013,977 local incidents on the computers of KSN participants in India. Overall, 52.4% of users in India were attacked by local threats during this period. This puts the country in 66th place worldwide.
Shrenik Bhayani, General Manager, Kaspersky Lab (South Asia) said, “We have seen an increase in the number of cyber threats in the past 2 years, which is post demonetization. As India is positively progressing digitally, the country’s citizens and businesses should also be more careful and aware of the cyber threats that can be targeted towards them. People should constantly be updated with the various cyber threats that are being used for cyber frauds, read up about them and also discuss the same with their family and friends in order to create and awareness and avoid being the victim of a cyber threat.”
While cybersecurity requires a holistic and multi-layer approach, basic online habits matter when it comes to avoiding web threats. Kaspersky Lab recommends that to protect themselves from both online and local threats, users need to install business or consumer-grade security software that includes:
• A behavior detection component capable of detection malicious activity even if the code is unknown
• Exploit prevention capability to detect and block attempts by malware to benefit from software vulnerabilities
• Advanced machine learning features that can spot heavily disguised and obfuscated malicious code designed to bypass traditional detection methods
• The ability to block any infected objects from connecting to the computer, including for businesses: a firewall, anti-rootkit functionality and control over removable devices.
Kaspersky Lab’s enterprise, SMB and home products feature such functionality.