COVID-19 pandemic: Why the sudden boost in digital transformation calls for tougher cybersecurity in India

As the COVID-19 pandemic spread over the world, we saw an explosive dependence on the digital medium for everything from shopping, studying to working. However, the sudden boost in digital transformation also attracted bad attention. In June 2020, personal and financial data of 2.91 crore Indians was leaked on to the dark web, and 3.24 million personal records were stolen or exposed in case of identity theft across India. We spoke to Ram Seethepalli, CEO, Europ Assistance India about why India needs tougher cybersecurity, why it needs to guard against cyberattacks, and educate users against cyber thefts.

tech2: Why do you think India needs tougher cybersecurity?

Seethepalli: The COVID pandemic has fast-tracked the digital transformation across all aspects of operations and processes not only in India but across the world. India has the third-largest digital population in the world. The move towards the digital has encouraged countless organisations to shift to online mediums. Professional work, schooling and education, shopping, entertainment, everything is now digital. As an increasing number of companies and institutions adapt to the virtual model, it is essential that we consider the necessity of cybersecurity. For India especially, raising awareness and taking concrete steps to prevent malicious attacks on multiple forums is imperative. Aside from formal threats to organizations, it is imperative to remember the threat that individuals face. Presently, India consists of over half a billion internet users. Most internet users possess a smartphone, complete with a multitude of apps ready to dispense services to cater to almost all their needs. Digital payment methods such as UPI and other mobile wallets play an important role in facilitating transactions. Unfortunately, this trend towards the digital can spell trouble for consumers unless proper protective measures are undertaken. India is among the top countries in the world that falls prey to cyberattacks and cyber thefts. Data suggests the situation has worsened with the onset of the pandemic. In the first nine months of 2020 alone, there has been an estimated loss of $6 trillion to organisations and individuals. This indicates just how necessary it is for us to seriously consider cybersecurity, on a macro as well as micro-level. [caption id=“attachment_8034071” align=“alignnone” width=“1024”]  Representational Image. Source: Pixabay[/caption]

tech2: What are the most common types of cyberattacks that Cyberior can guard against?

Seethepalli: Broadly speaking, most cybercrimes happen in one of three ways. The primary technique involves breaching security at the server level, usually in companies. Once these boundaries are breached and sensitive information is gained, this information is sold on the dark web. Other cybercriminals can then access this sensitive information on the dark web, which includes users’ login credentials, personally identifiable information and sensitive data such as photos or documents. These cybercriminals can then use this information to access user accounts, extort the users, and commit fraud in the user’s name by assuming their identity. Such data breaches have been reported in the news time and again. Even the largest of organizations, with multiple layers of cybersecurity, are susceptible to breaches of user data. Next, we look at malicious software that targets devices. Malware, the kind of software designed to damage or compromise device security, such as viruses or ransomware are threats to user devices and data. They infiltrate devices through various ways such as downloads or links on unverified websites, social media, spam emails and even messaging platforms. Once this malicious software has made its way to the system, it can compromise the security of the device in several ways. The malware can lock down your system and demanding a ransom to return your sensitive data or it can syphon your sensitive data to be used by the cybercriminal to commit fraud in your name by assuming your identity. Finally, there are scams. Even with data that isn’t considered sensitive in the conventional sense, such as a user’s name, date of birth and address, cybercriminals can cause significant damage to the user. Such information can be found easily via social media. Cybercriminals can use this data to claim to represent the user’s banks or other financial institutions. On the pretext of offers or other processes, the cybercriminals can manipulate the user into giving up other vulnerable information, such as their personally identifiable information or financial information. Cybersecurity threats and scams are always evolving. As more services become digital, more malware and scams are developed to take advantage of the digital nature of these services. However, cybersecurity solutions are also adapting to the needs of the user to combat these newer and improved cybersecurity threats.

tech2: What is your view on the current cybersecurity threat level in India?

Seethepalli: The surface area for cybercriminals who attack individuals was already large, to begin with, because of the blooming digital network. In the last couple of decades, trends show that internet usage, especially in India, has increased substantially. Although the need for cybersecurity dates back much before COVID, the pandemic has definitely exacerbated the situation by hastening multiple organisations to go digital. As most of us work from home, our devices and company data can be intercepted with more ease than in official setups. However, the real threat of cybercrimes is to individuals. Most of the cybercrimes that occur in India happen through smartphones. It is thus crucial to empower every person with cybersecurity measures as the threat is more than ever today. Cyber thefts and identity thefts can have a lasting impact on one’s life, completely compromising his/her credibility on various platforms. Not only can cyberattacks cause tangible financial loss, but it can also cause sustained mental agony. Projected data suggests India will have 900 million people on digital platforms by 2027. We must brace ourselves with all necessary precautions to ensure the transition to the digital is a smooth and safe one.” As of January 2020, there were more than 650 million internet users in India. This was an increase of over 20 percent from 2019, which is an increase of over 120 million users within a year. Even today this is less than 50 percent of the Indian population. An important point to consider is the nascence of the digital audience in India. As a result of the increased availability and affordability of data and smartphones, paired with events like the lockdowns of the Covid-19 pandemic, there are so many new users of digital services in India. This means that many new users are not aware of the kind of threats that can be used to cause harm to these new users. These new users need to be educated about the kind of threats that exist and the tools that they can equip themselves with to protect themselves in the digital world.

tech2: What role does Cyberior play in this ecosystem?

Seethepalli: Cyberior provides a one-stop solution for a variety of cyber threats as it aims to penetrate to the end consumer level. Services include breach monitoring, digital identity monitoring, credit services, alerts and notifications, financial loss coverage and crisis resolution. From a B2B2C perspective, our clients include banks, insurance companies, and credit card companies to airlines, cruise ship companies, hotels and automobile manufacturers. They see Cyberior as a value-added service for their end customers. Additionally, Cyberior helps its customers through real-time digital account monitoring for any unwanted or suspicious activity. It keeps a track the credit score while reducing the risk of a variety of frauds (banking/loan fraud, payment fraud, Aadhar fraud, and other identity theft) and resolving them quickly. The product prevents data loss and cybersecurity threats to the data on an individual’s devices and helps to conduct banking transactions with confidence and without worrying about phishing, ransomware, etc. The mission is to protect the digital version of every individual, and is built to secure personal data and devices of an individual and extends the benefits to family members.​