With a number of Internet of Things (IoT) projects taking a center stage, a range of sophisticated malware is being deployed by hackers to target these critical infrastructure projects. Moreover, any of these IoT projects are being targeted at the proof of concept stages itself , finds a new research report by Subex.
The telecom solutions provider released the findings of its State of Internet of Things (IoT) Security Report for the second quarter (April-June 2019) of this calendar year in New Delhi today. The report, based on threat intelligence data gathered from across 15 cities all over India, outlines key sectors being attacked, the methods of attack, malware, and variants deployed, key cities that are being attacked and studied by hackers, malware developers and hacktivist groups.
The report reveals that the number of cyberattacks registered a 22 percent jump in the quarter. There has been a significant rise in reconnaissance attacks.
While Mumbai, New Delhi, and Bengaluru are attracting the maximum number of cyberattacks, smart cities, financial services, and transportation sectors lead the sectoral rankings in terms of cybersecurity breaches.
The study identified over 2550 unique malware samples in the country which is the highest reported so far. Modular and military-grade malware is often used by specialist hackers and groups with budgets and access to research and development facilities or online shops that develop and sell such sophisticated malware. Increase in the number of attacks with a geopolitical motivation is also a trend the study has reported.
The high level of malware persistence reported is indicative of a larger trend. Hackers are becoming more patient and willing to wait to attack or steal data. Also, the newer malware variants being detected are stealthier and can evade detection for a longer duration of time than before the study found. Such malware operates by staying silent while keeping their footprint and signature below detection thresholds. They can also streamline their behavior to match network traffic and stay dormant until certain thresholds are breached.
“By releasing these findings we intend to increase awareness and provide decision makers and other stakeholders sufficient data points to frame appropriate interventions. We hope this report will serve its purpose and help India secure its infrastructure and connected components,” said P Vinod Kumar, CEO, Subex.
The threat intelligence compiled points to a high level of hacker interest in projects in India and this is indeed a matter of concern,” he concluded.