The recent security breach by cyber attackers at the two card processing companies based in India, leading to an ATM heist of $45 million, exposes the vulnerability of not just the Indian IT industry but also other sectors where critical data and infrastructure apparatus are involved.
For cyber attackers financial information has always been on top of the list, as the Verizon 2013 data breach investigation report reveals. Large-scale financial cybercrime and state-affiliated espionage dominated the security landscape in recent times. Taking the top spot for all breaches in the 2013 report is financially motivated cybercrime, with state-affiliated espionage campaigns claiming the second spot.
According to the Verizon report, other breaches included cyber threats aimed at stealing intellectual property such as classified information, trade secrets and technical resources. And they do not just target financial institutions or banks, but also infrastructure set-ups like power plants or transport networks.
The security breach at the two card processing firms based out of Pune and Bangalore reveals the persistent attempts of these hackers. Pune-based Electra Card Services and Bangalore-based enStage, who provide their services to global financial institutions, were victims of this breach.
In an email response, enStage said, Since the time the incident occurred, Enstage has retained independent security experts to analyse the intrusion and to recommend enhancements to its information security infrastructure. Enstage has implemented both these enhancements as well as additional monitoring capabilities.
Today is the age of cyber-warfare and everything is vulnerable, said Ramsunder Papineni, regional director India & Saarc, FireEye, a network security company. He said that it is not just the BFSI sector which would be affected but also others like technology companies, pharma firms and the like. Papineni said that all these industries are constantly creating value in terms of data intellectual property which is invaluable to cyber attackers.
A cyber security expert with the Centre for Development of Advanced Computing (C-DAC) said the actual cause for the recent power outage in western India could never be determined and there is a strong possibility that it was due to a cyber attack.