Have you lately come across the concept of Dark Tourism? It is precisely as weird, improbable, intriguing and gloomy as it sounds. People opt to meet others and visit villages, cities, countries and cultures that have been wrecked under war or trampled with the foot of conflict and violence. Suffering, sadness, hopelessness, chaos and dregs of what-was-life attract such tourists. It is not exactly pleasing to the eye and the mind, but maybe some people seek this torture to learn for the future.
Shall we take a walk into the dark alleys of digital infrastructure for some moments, then?
We have enough scary premonitions to set foot into this nightmare land. As infrastructures grow leaner, faster, and shinier with the advent of the digital architectural era, they are also becoming easy to crumble, prone to termites, and bait for attackers of the new world.
“The prevalence of cyber-attacks for warfare and political objectives has surged recently, particularly amidst two ongoing geopolitical global conflicts.”- SUNDAR BALASUBRAMANIAN, MD, Check Point Software Technologies, India & SAARC
Consider what Check Point’s latest Threat Intelligence report in 2023 pointed out. Global ransomware incidents surged by 90%, surpassing 5,000 attacks compared to the previous year. Ransomware operators continually refine their methods, introducing new tactics like intermittent encryption, breach-only attacks, and advanced evasion techniques.
Not far away are findings from the Munich Re Cyber Risk and Insurance Survey 2024, which underlines that 87% of all C-level respondents reported that their company is not adequately protected against cyber-attacks. The warning is hidden under data from ISACA’s 2024 State of Digital Trust report, showing that only 52% of organisations are confident in their digital trustworthiness.
According to the World Economic Forum, cybercrime costs are projected to soar to USD 10.5 trillion annually by 2025, a stark reminder of the devastating economic toll of modern cyberattacks. But that is not all. Cyberattacks are becoming increasingly physical, targeting critical infrastructure and disrupting sectors like energy and supply chains.
So, why have enterprises suddenly become so vulnerable and helpless? Vulnerable yes. Helpless, well, not if – let us come to that later.
BLACK CRAYONS ADD TO THE DARKNESS
Many factors—both on the side of enterprises and attackers—have evolved and culminated in this new state of security fears.
Firstly, networks are leaning increasingly towards Cloud and hybrid wireframes. “Hybrid networks and a diverse workforce mean networks have more locations, applications, and services to protect,” reasons Vivek Srivastava, Country Manager, India and SAARC, Fortinet.
Fabio Fratucello, Field CTO, International, CrowdStrike, echoes that trend. “As organisations move to multi-cloud and hybrid environments, attackers increasingly exploit stolen credentials to breach cloud systems and move laterally across endpoints, executing cross-domain attacks.”
“A cyber breach in a large telco can create a significant domino effect on numerous private sector companies, government agencies, and individuals.”- DR LAWRENCE A GORDON, EY Alumni Professor – Managerial Accounting & Information Assurance, University of Maryland
What is worth reckoning here is the availability of data and systems due to the severity and frequency of attacks, especially ransomware attacks, observes Martin Kreuzer, Senior Risk Manager – Cyber Risks at Munich Re. “This is because this may often lead to related business interruption, data restoration costs, and liability.”
Next in line is the salt to the wound that supply-chain clots bring. “Due to increasing criticality and dependency on hardware, software, and services and increasing integration of IoT, OT and AI. In addition, we observe a rise in critical bottlenecks and systemic risks (e.g., cloud concentration). From a (re)insurer’s perspective, Munich Re continues to focus on data analysis, risk quantification and accumulation modelling,” explains Kreuzer.
Attackers often exploit these weak points, and this is particularly alarming given that 43% of small and medium businesses are frequent targets of cyberattacks, chimes in Priyamvadha Vembar, Head of Cybersecurity Practice, Bosch Global Software Technologies.
Major Vineet Kumar, Global President and Founder of CyberPeace, underlines that sectors historically insulated from large-scale cyberattacks are also becoming prime targets as they adopt digital technologies like cloud services and data centres.
Let us also zoom in on how all this transpires for telcos. According to Dr Lawrence A Gordon, EY Alumni Professor of Managerial Accounting and Information Assurance, University of Maryland, “Telecommunication firms develop large databases that contain sensitive, confidential financial and personnel-related information about their customers. The telecom industry is highly competitive with firms competing worldwide.”
Adding pepper to the salt is the pressure and time-clocks that compliance necessitates. “The telecom industry is highly regulated in most countries, and compliance with the various regulations tends to be very costly for firms operating in this space,” Prof Gordon adds.
Vaibhav Dutta, AVP and Global Head of Cybersecurity Products and Services at Tata Communications, expands on this point: “Regulations like GDPR, HIPAA, and India’s Personal Data Protection Bill set clear standards for navigating the evolving data privacy landscape. Non-compliance can lead to severe financial penalties and damage an organisation’s reputation.”
“Enterprises must create a comprehensive understanding of their IT, IoT, and OT environments, as well as inventory all cybersecurity-relevant assets.”- PRIYAMVADHA VEMBAR, Head – Cybersecurity Practice, Bosch Global Software Technologies
“As organisations blend legacy systems with multi-cloud infrastructures, they face challenges unifying their digital landscape, creating security blind spots.”- VAIBHAV DUTTA, AVP & Global Head – Cybersecurity Products & Services, Tata Communications
Interestingly, these cuts also have the lemon-squeeze of ‘alert fatigue’. “The sheer volume of security alerts can overwhelm teams, slowing response times. Advanced AI and automation are critical to detect, prioritise, and address real threats,” Fratucello notes. Besides, the security solutions market is fragmented, forcing organisations to develop integrated solutions. This increases complexity and makes security management a daunting task, contends Kiran Kumar, Distinguished Engineer at Dell Technologies.
Employees also pose significant risks when they access sensitive data, whether with malicious intent or through negligence. Insider threats are harder to detect and can lead to data leaks or system sabotage, reminds Vikrant Sharma, IT Department Manager, SBM Offshore India.
The wounds end up in scars that run deep and long. “Ransomware attacks disrupt critical services, causing significant financial losses and operational downtimes, which could undermine trust in the country’s growing digital infrastructure and slow down digital adoption,” highlights Sundar Balasubramanian, Managing Director – India and SAARC, Check Point Software Technologies.
Balasubramanian elaborates that the prevalence of cyber-attacks for warfare and political objectives has surged in recent years, particularly amidst two ongoing geopolitical global conflicts.
“Hacktivism has evolved into a more organised, structured, and sophisticated form of attack, especially following the Russia-Ukraine conflict, which saw the emergence of ‘guided’ hacktivism. This new wave of hacktivism is no longer driven by lone individuals launching small-scale DDoS attacks or loosely formed social groups with shifting agendas. Instead, it now operates with a defined political ideology, clear leadership hierarchy, formal recruitment processes and advanced tools. This form of hacktivism increasingly targets major corporations, governments, and even individuals.”
Considering the Indian context, the red flags darken. Large-scale data breaches and theft pose significant risks, often due to sophisticated phishing, weak authentication, and insider threats, cautions Vinod V Jayaprakash, Consulting Cybersecurity Leader, EY Global Delivery Services. “Additionally, concerns about the sufficiency of India’s cybersecurity infrastructure persist, as many organisations lack advanced security tools and skilled personnel.”
The widening of the skills gap also complicates the situation, worries Chris Dimitriadis, Chief Global Strategy Officer, ISACA. “Based on ISACA’s recent 2024 State of Digital Trust report, more than half of the organisations say lack of skills and training is the top obstacle to achieving digital trust.”
“As networks lean towards cloud, hybrid models, and a diverse workforce, organisations face more locations, applications, and services to protect.”- VIVEK SRIVASTAVA, Country Manager, India & SAARC, Fortinet
Remember the double-edged sword that AI is morphing into. “While AI enhances operational efficiency and threat detection, cybercriminals leverage it to launch more sophisticated, automated attacks. AI-powered phishing and malware campaigns are harder to detect, making it crucial for organisations to adopt AI-driven defensive solutions,” Balasubramanian augurs.
TRAVELLING THE BLACK HOLES OF SECURITY
Not all is gloomy and detritus here, though. If organisations take some precautions and promptly invest in vaccines and tourniquets that strengthen digital arteries, being in the digital age can be the confident leap it was supposed and designed to be.
Organisations should implement a multi-layered security strategy to reduce vulnerabilities, conduct regular security audits, embrace Zero-Trust Network Access (ZTNA), and maintain a proactive incident response plan. Limiting the attack surface through these measures adds layers of defence, making unauthorised access far more difficult. Additionally, patch management and access control, such as multi-factor authentication and role-based access, are essential to a strong defence.
Ensuring that software, operating systems, and applications are up-to-date with the latest security patches is crucial. A zero-trust security model, which operates on the principle of “never trust, always verify,” should be applied universally to every user and device, irrespective of location within or outside the network perimeter. This becomes even more significant in multi-cloud environments, where identity-based attacks are increasingly common.
Continuous threat hunting and automated detection and response systems offer 24/7 vigilance, vital to staying one step ahead of attackers. Leveraging AI-driven intelligence is no longer an option but a necessity, as traditional defences cannot counter the sophisticated, AI-powered attacks and tactics deployed by state-sponsored cyber attackers. Moreover, AI aids in reducing downtime and allocating resources efficiently to high-risk incidents.
A solid Governance, Risk, and Compliance (GRC) framework is the bedrock of true resilience. Recognising anomalous behaviour and malicious activity across all operations can catch threats early and mitigate damage. These strategies are non-negotiable for telco firms, which operate within a sector pivotal to global cyberspace. Dr Lawrence A Gordon points out that telecommunications companies, as custodians of a large part of the world’s data flow, face the costs of breaches that extend beyond their organisations, affecting the broader economy and society.
Traversing this era requires vigilance and adaptation. It requires moving beyond traditional security measures to embrace a forward-thinking approach that addresses evolving threats head-on. Rather than adhering to outdated practices, the industry must navigate this terrain with courage and innovation—a far better path than merely surviving a ‘Jack the Ripper’ experience in the digital domain.
By Pratima Harigunani
pratimah@cybermedia.co.in