The threat surface area in India is substantial owing to certain peculiarities of the Indian market. These include:
a) Increasing digitisation: Increasing digitisation along with the 5G roll-out, while aligned with the nation’s progress goals, also opens the door to increased cyberattacks with more connected devices, greater interconnectivity, and increased usage of the internet of things (IoT). All these factors expand the threat surface area and hence also result in increased potential for, as well as payoffs from, cybercrime. IoT devices pose risks of misuse, both in terms of malicious use of data and user profiling, resulting in violation of user privacy.
b) Extensive use of pirated software: A substantial proportion of the operating systems10 in use in India are pirated. Due to the lack of stringent enforcement of IP rules, and on account of the high price differential, users prefer to adopt pirated software. The pirated software leaves users vulnerable to malware and cyberattacks.
c) Extensive mobile usage for internet access: India is one of the world’s most dynamic mobile markets, adding 2.5 crore new smartphone users every quarter, with a monthly mobile data consumption rate of 12 gigabytes per user.11 More complex threats are now coming into play as cybercriminals continue to evolve as well as adapt their techniques to exploit the growing reliance on mobiles. India’s extensive mobile usage poses specific vulnerabilities, as 40% of the world’s mobile devices are inherently vulnerable to cyberattacks.
d) Use of hardware/software created and manufactured outside India: As various Indian installations and networks utilise hardware and software that has been created and manufactured outside India, there exists the risk of data leakage, remote surveillance or intentional introduction of a system malfunction through a remote connection. This risk is especially pronounced in sensitive industries such as telecom, power generation and distribution, and internet data centres where any such Trojan horse can have serious consequences. This risk is exacerbated by the fact that most cybersecurity-related hardware/software is also of foreign origin.
e) Third-party vendors who are especially vulnerable and can compromise the overall supply chain: India has a very large base of micro and small and medium enterprises (MSMEs). MSMEs play a critical role in the Indian economy and contribute to about 30% of the GDP and 40% of exports, and provide employment to over 11 crore people.12 Many MSME vendors may have IT systems that are not very robust but form a part of the overall supply chain of larger enterprises. These systems could inject vulnerabilities into the larger ecosystem, as any chain is as strong as its weakest link.
Original Source link