Under attack: 4,300 Indian websites defaced in H1 2010

September 17, 2010 01:09 IST

More and more Indian websites are coming under threat from attackers and face the fear of getting defaced. In the first half of 2010, around 4,300 websites were reported to have been defaced in India. This threat has assumed significance in light of the fact that Indian companies are now increasing their online presence and tapping consumers through social networking sites. As a result, every vertical faces a potential threat, say experts from RSA, the security division of EMC and Symantec India.

Symantec?s State of Enterprise Security Survey 2010 revealed that on an average, Indian enterprises lost Rs 58 lakh in revenue due to cyber attacks in 2009. ?For most companies that want to establish a prominent online presence, website defacement can result in major setbacks for them. This is especially true for government organisations, or organizations in the BFSI sector or even in the online retail segment. No matter how the websites are defaced, it can cause significant losses for companies in terms of revenues and/or customer trust,? said Vishal Dhupar, MD. Symantec India. While defacement of popular Indian websites attracts headlines, the bigger threat for enterprises is when vulnerabilities in their websites are exploited for financial gain, he explained.

?Bot infected computers are on the rise in India. In June 2010, 39,600 bot infected computers were detected in India. A total of 3367 Indian websites with malicious content was detected by the agency in the first six months of this year,? said Vikas Desai,lead technology consultant, India & Saarc ? RSA. There are two reasons for these kinds of attacks ? creating havoc and mayhem and commercial gain, he said. Desai said the Indian banking system survived the recent recession, has a lot of money and therefore ends up as a low hanging fruit for fraudsters especially since there is no advanced form of authentication and very few banks have opted for this level of security, Desai explained. Student accounts, according to him, are vulnerable since they have considerable money in the bank and a few rupees stolen here or there usually go unnoticed, he said.

Any website with a good reach can be a potential target, regardless of the nature of the website. If the attacks are motivated by fame, the higher the traffic to a website, the more alluring it is as a target. From government to entertainment and media, popular websites are the preferred choice, said Dhupar. ?As enterprises increase their online presence to capitalise on the social media wave and increase sales through cost-effective methods, every vertical is a potential target. However, high-risk industries such as banking, financial services and insurance, telecom and government are under greater threat of their websites being hacked,? he said. Symantec?s Internet Security Threat Report XV revealed that 91% of phishing attacks in 2009 were on the financial sector.

Apart from banking, social networking sites can also be attacked to steal private information, since these websites are extremely popular.

This article was first uploaded on September seventeen, twenty ten, at nine minutes past one in the night.