Organisations are being subjected to business email infrastructure compromises, ransomware attacks, and data breaches.
Jayant Saran, Sachin Yadav, Rahul Vallicha, Chirag Chaudhari
In recent times, there has been a manifold increase in technological advancements and digital platform adoption, further accelerated by COVID-19. We have witnessed an exponential rise in digital financial transactions and remote education, work, and entertainment. With such fast-paced growth, opportunities for fraudsters perpetrating digital scams have also gone up significantly. Organisations are being subjected to business email infrastructure compromises, ransomware attacks, and data breaches. In most cases, employees play a critical role, either voluntarily or as unsuspecting conduits. It is reported that ransomware incidents increased by 41 percent over the last year.
Automobile companies, service organisations, power companies, health care companies, and travel businesses, among others, have featured as institutional victims of ransomware attacks in just the past year. Additionally, an indicator of the risk perception is the growth of cyber liability insurance products in India and across the globe.
In the current COVID-19 scenario, organisations are grappling with threats related to employees working in unsecured or semi-secured environments.
The balance between ease of working and security is fragile, and a lot of effort goes into mitigating risks. However, an element that forward-looking Chief Information Officers (CIOs) and Chief Information Security Officers (CISOs) need to pay more attention to is the course of action when a breach occurs, as traditional approaches may not work in these evolved circumstances. As this clear and imminent risk continues to grow almost unabated, we foresee an increase in the following emerging areas:
Single request attacks
Usually perpetrated through a combination of phishing, vishing, smishing and an incentive, these attacks will continue to grow and compromise infrastructure. Owing to work devices being used for both work-related and personal activity, many targeted individuals will put not only individual information but also corporate infrastructure at risk.
Digital identity exploitation
Digital identity is information on an entity used by computer systems to represent a person, organisation, device, or application; for instance, usernames and passwords are considered the digital identity of users. These are exploited at a large scale by fraudsters through techniques such as social engineering, phishing, and shoulder surfing, and are misused for carrying out fraudulent activities. The exploits involve gaining access through compromised business emails and then communicating under the assumed identity of either a buyer or seller.
In a corporate landscape, such identity theft can cause major reputational and financial damage, especially in scenarios where social media platforms are used by identity thieves to disclose unethical practices or spread rumours about such practices.
An increased leaning towards home automation, Internet of Things (IoT) devices, etc., will result in vulnerable employee groups falling prey to attacks that could compromise home networks and, further, all connected devices, including laptops and mobile phones that connect to organisation networks.
Fraudsters are increasingly trying to play the “long game”, where they plant malware or a virus in the organisation so that it remains undetected. Over time, the virus keeps gathering and transmitting information that fraudsters use to plan a sophisticated attack to cripple the organisation. A business email compromise is one such example of fraud orchestration: it requires fraudsters to compromise email account(s), patiently observe email communication trends, and intercept the communication when payments are made between parties.
Fraud orchestration is a relatively new behaviour for most fraudsters, as cybercriminals are typically known to mount multiple small- and medium-impact attacks, as opposed to one high-impact attack. This may signal a shift towards cybercriminals frequently working together in the future. Technology adoption is making our lives simpler in many ways. However, it comes with a set of risks that require constant monitoring, evaluation, and remediation to ensure that organisations are not brought to their knees due to one weak link in the entire chain.
Jayant Saran is Partner, Forensic – Financial Advisory; Sachin Yadav is Director; Rahul Vallicha is Manager; and Chirag Chaudhari is Assistant Manager, at Deloitte India. Views expressed are the authors’ personal.