India Cyberattack Surge, Remote Work Risks, Patelco Data Breach

Cyberattack
DMARC Report
India Cyberattack Surge, Remote Work Risks, Patelco Data Breach
Loading
/

Hello everyone! We are back again with this week’s edition of cybersecurity awareness. We will talk about the sudden spike in cyberattack incidents in India. Also, there will be discussions on how the remote work culture is vulnerable to threat actors. Lastly, we will shed light on how 726,000 Patelco customers were affected by ransomware attacks!

Let’s get started!

threat actors

Rise in cyberattack cases in India- Critical infrastructure worst hit!

India is gradually embracing digitization. However, the South-Asian country is not yet fully prepared to combat cyber threats. Critical infrastructure, such as finance, healthcare, and government sectors, has undergone rapid digitization. Due to a lack of proper cybersecurity mechanisms, Indian infrastructure is now facing a surge in cyberattacks. 

India is the fifth-most breached country globally. In the Asia-Pacific region, India ranks fourth, with 83% of Indian organizations experiencing at least one cyberattack in the past year. He believes that India’s cybercrime legislation is weak and old and that the country requires a robust, relevant cybersecurity mechanism.

cybersecurity

According to the Cybersecurity In India: 2024 Global Digital Trust Insights Survey, Indian organizations are currently busy combatting cloud-related cyberattacks (45%), threats to connected devices (35%), hacking incidents and data leaks (36%), and software supply chain compromises (35%).

The penetration of AI at deeper levels is also a concern for India’s threat landscape. Threat actors are already ahead of the game as they have learned how to make the most out of AI. From malware to phishing, threat actors are leveraging AI at multiple levels. Gopalakrishnan believes that the AI skill gap can be a major threat to India, and regular training is a need of the hour to tackle the increasing impact of AI in cyberattacks. The skill gap is the major reason why threat actors are moving ahead of the cybersecurity experts when it comes to AI deployment.

Remote work setup can be an invitation for cyberattackers!

A work-from-home culture is definitely a preferred choice among most employees. The freedom to work in your PJs and not having to commute daily in the traffic seems like bliss to many. 

However, this comfort of working from your own place can put you on the radar of threat actors

While working on your home PC, you may install any software without vetting it properly, thereby inviting the prying eyes of threat actors and putting your corporate data at high risk

There are multiple reasons as to why remote work culture is not cyberattack-proof. For example, your home PC is accessible to multiple users- your family, friends and so on. Secondly, your home networking equipment tends to be simple and easy, as compared to your office device. Lastly, remote employees may use public Wi-Fi while working from a fancy cafe, airport etc., and end up becoming an easy target for the threat actors. Cybercriminals can intercept and gain access to your business data.

public Wi-Fi

In this challenging environment, implementing robust email authentication protocols such as SPF, DKIM, and DMARC is crucial for enhancing cybersecurity defenses and mitigating the risks of phishing and email spoofing attacks.

Enterprises should take suitable mitigation steps to safeguard corporate data. The focus should be on controlling and safeguarding the devices in which employees are carrying out business work. For example, one must keep a tab on inbound network traffic. Securing data storage and transportation can also be of great help. Enforcing secure access to work accounts should also be mandatory. 

A whopping 726,000 Patelco customers were affected by a massive data breach!

Patelco Credit Union’s customer data was published recently on the extortion portal by the RansomHub Gang on 15th August 2024. This American not-for-profit organization offers financial services such as credit cards, loans, investments, and so on. Patelco informed about the ransomware attack last month on 29th June 2024. 

The company had to close the customer-facing banking system for more than two weeks. Meanwhile, Patelco was working on data restoration and IT functionality. While disclosing the news about the ransomware attack, Patelco stayed tight-lipped about the data breach. After investigation, it was found that the attackers stole sensitive customer data as well.

stole sensitive customer data

Now, Patelco has come up with a list of customer details that were compromised because of the ransomware attack. These include:

Notices have been sent to all the affected customers. They will also be provided complimentary identity protection coverage for 2 years. The last date for enrollment is 19th November 2024. There is also an advisory on the official website of Patelco, which says that the company will never request sensitive details (card details, CVVs, expiration dates, etc.) from customers. Patelco has also urged customers to stay vigilant all the time and keep a tab on any kind of suspicious activities. Since their data has been published online, the risk of social engineering, phishing, and other scams has increased manifolds. 

Keep visiting for weekly news updates. Thanks. 

Similar Posts