Press "Enter" to skip to content

Phishing is the most common way to steal information: Report

Cyber criminals have taken to phishing as the most common way to steal information, through increased sophistication and well-crafted emails, according to a report prepared jointly by consultancy EY and industry body FICCI. Malware attacks on mobile devices come next on the list as they allow quick getaways, the report says.

Customer information, financial data and strategic plans of companies are the three most valuable pieces of information coveted by cyber criminals, according to the report titled ‘Innovation-led cyber crime management’.

India ranks among the top five globally for the most high-profile cyber-attacks, with more than 90% of hackers under the age of 35, out of which 58% are self-taught, which means technical education is not relevant, the report points out.

The other major cyber crimes include illegal trade on DarkNet markets and use of social media platforms like Facebook, Instagram and WhatsApp for communication to conduct frauds.

The use of blockchain among cyber criminals is growing, allowing criminals to host sites that sell illegal services and other sensitive data, according to the report.

“To mitigate these cyber crimes, India needs to develop a strong cyber crime management ecosystem with concerted effort from LEAs (local education agencies), academia and industry,” says Vidur Gupta, Partner – Cyber Security, EY India. “Only such an effort can tackle the myriad cyber crime threats that we face, and can provide assurance and trust to India’s economy.”

There must be a roadmap on cybercrime management with help from pertinent stakeholders, awareness campaigns, and consultation among ministries, it says.

The report also advises formulation of standard cybercrime taxonomy, a formal institutional framework to resolve challenges involving cybercrime, threat intelligence sharing through collaboration between central and state police, revising current laws and setting up of cyber police cadre.

Separately, according to a 2018-19 global information security survey by EY, malware (20%), phishing (22%) and disruptive cyber-attacks (13%) were the top three threats faced by organizations. There was a 297% increase in retail phishing websites compared to the previous year, the survey showed.

Source: Economic Times