Restructuring of networks amid pandemic made India vulnerable to ransomware attacks: Check Point

The sudden rush to provide remote access to employees by restructuring network and security systems during the lockdown made India vulnerable to ransomware attacks in the third quarter of current year, according to cyber security firm Check Point Software Technologies. Due to the immediate push, several IT companies were unable to scale up their cloud security postures which led to increased opportunity for cyber criminals to carry out attacks, Check Point Software Technologies India and SAARC Managing Director Sundar N Balasubramanian told .

According to the company's research, India was ranked second after the US among the top 5 countries most affected by ransomware attacks in the third quarter.

Sri Lanka, Russia and Turkey were at third, fourth and fifth position, respectively, in the list of most affected countries by ransomware attacks.


In a survey by Check Point, 71 per cent of respondents globally, including in India, reported an increase in cyberattacks during February-March 2020, and 95 per cent said they faced added IT security challenges with provision of large-scale remote access for employees and managing shadow IT usage.

"The pandemic outbreak resulted in lockdown restrictions being imposed, and working from home became a way of life for most employees. Organizations in India found themselves having to restructure their network and security fabrics overnight, compressing several years' worth of IT changes into just a few weeks," Balasubramanian said when asked about the reason for increase in cyberattacks in India.

He said that in the rush to enable remote access, many companies allowed connectivity from unmanaged home personal computers that often lacked basic cyberhygiene such as updated software patches, anti-malware, among others. Even personal mobile devices were allowed access to networks.

"In addition, many Infosec (information security) and DevOps (development and operations) teams rushing to the cloud did not scale their cloud security postures to the level of their traditional data centres. All this resulted in increased opportunities for cyber criminals to carry out attacks on organizations," Balasubramanian said.

According to Check Point research, an organization in India sees three times more attacks than an average organization globally due to limited awareness and poor cyber hygiene.

"Between the second and third quarter, India saw a 39.2 per cent increase in the number of attacks. The top industries affected by ransomware in India in the third quarter were manufacturing, government and military, finance and banking, software vendors and healthcare," Balasubramanian said.

Globally, Check Point also noticed that offensive cyber tools were used to carry out national intelligence gathering, and espionage operations appear to have expanded.

"In fact, the new cyber intelligence has become the weapon of choice of many countries. Even the World Health Organization (WHO) reported a sharp rise in cyberattacks including an attack attributed to the DarkHotel APT group in an operation which involved other healthcare and humanitarian organizations," Balasubramanian said.