India is quite possibly the most discussed innovation environment in the post-COVID world as
2020 obviously saw some disobedience to China. Global giants are coming to India to build for
more than 500 million clients which should interface with the world wide web in the coming
While every one of these developments are occurring, hackers are additionally getting
increasingly more keen on the information of Indians. 2020 saw a progression of data leaks on
Indian startup companies which left the organizations posing one question – How secure would
we say we are?
Every other day we see one more organization being added to the rundown of data breaches over
the most recent years. Post COVID, the work conditions have just served to speed up the
recurrence of these Hacks, so what is happening? Also, for what reason do Indian organizations
continue to get hacked?
Why Hackers Steal data?
You realize hackers want to take your data. but what will they do with it?
- Data Ransom : Sometimes, hackers steal your data with the goal that they can hold it for ransom.
- Identity theft : Data theft like the Aadhar data breach in 2018 are done to steal confidential information. Hackers would then be able to abuse that data to break into different records.
- Since they can: Lamentably, a few Hackers take your data just to demonstrate that they can. They don’t want any ransom or steal any users personal information, They basically want to showcase their skills and prove that they can break into highly secured servers.
Recent Hacks on Indian Apps & Businesses
Aadhar Data Breach:
In March of 2018, it became public that the personal data of more than 100 crore Indian residents
was being sold on the darkweb.The leak permitted admittance to private data of Aadhaar holders,
uncovering their names, their novel 12-digit identity numbers, and their bank account details.
The leak also included photos, thumbprints, retina filters of practically every Indian resident.
SBI Data Breach:
- India’s biggest bank, the State Bank of India (SBI), suffered a data breach of its 422 million indian bank account holders. The Data contained Bank Account Numbers, bank balance and telephone numbers of the customer.
- Unacademy Data Breach: One of the Bengaluru-based well known startup, Unacademy had endured a data breach in January 2020. The Hack uncovered more than 20 million client accounts that included usernames, hashed passwords, date joined, last login date, email locations, first and last names and was sold on Dark Web.
- BigBasket User Data Breach: In October, a mainstream online merchant in India, BigBasket endured a huge data breach that left data of 20 million users uncovered. The data of customers like names, email addresses, date of birth, IP locations was available to buy on the dark web.
- Air India Data Breach: On 21 May 2021, it was accounted for that Air India was exposed to a cyberattack where the data of around 4.5 million users all throughout the world were leaked. Confidential information like passport details and credit/debit card details were exposed.
- Dominos India Data Breach: On 22 May 2021, It is accounted for that Dominos India has seen a cyberattack and the data of 18 crore orders was available on the darkweb which included order details, Customers name, email address and telephone numbers.While these were a portion of the top new businesses of the country that endured a data breach, there are many sites and applications that get hacked each day which don’t even come to notice in the news.
- Cause of Sudden Rise in Hacks: The Indian tech industry developed greatly throughout the most recent couple of years. users of these applications developed at a high speed, yet security tragically wasn’t the core interest. New servers were deployed with default configuration/passwords. New features were developed and added without testing them for weaknesses/bugs. Hackers regularly watch out for developing organizations since they realize security will not be a central concentration and that will be a sweet spot for them to get in.Businesses have not been taking interest in securing their organizations from cyber attack. Combining all these factors and COVID 19 occurring, hackers got the ideal chance to exploit the weaknesses and Hack into organizations.
Data theft has become common nowadays and this has caused a great deal of issues for the
users. While you may feel that a nation like China or maybe even India would be the most
affected country by data theft, in reality the country with the most number of rates of data theft
is the United States.
Indeed, there are in reality a great deal of different variables that are adding to why the US is on
top position. While the country’s population doesn’t approach any semblance of China and India,
it actually has a lovely sizable population and this basically implies that there are more
individuals there that can be focused on. What’s more is that the nation is a central hub for
technology advancement, which makes it a target for cyber criminals. To lay it out plainly, data
from the US is only much more significant than from different nations which prompts it being
attacked more than any other country.
It’s maybe unreasonable to single out India here as the whole world practically saw attacks
however the higher volume of attacks suggests that we essentially don’t put resources into our IT
Preventing Data Breach:
In this world of technology, data is equal to cash. This is the main reason for the hackers to steal
data. Such data leaks bring about misfortunes of millions of private records and confidential data
which can cost millions in harm. Be it a little startup or an organization worth millions; all
organizations are vulnerable against cyber attacks. Following are a few practices that can be
followed to keep data from getting taken.
- Good password policy :
Keeping a complex password is an immense positive development. Ensure that you never reuse
passwords and change them routinely as and when you’re incited by an expiry alert.
- Update regularly :
Software updates do various things to assist you with improving security. Perhaps the most ideal
approach to thwart data leaks is to keep your operating system and all other softwares updated to
the latest version as these updates are released after fixing several bugs which will prevent the
system from future attacks.
- Securing the router :
Cybercriminals could undoubtedly steal your data without walking inside your premises. They
can do this by breaking into your organization’s network, and it’s far simpler for them to do it if
your organization’s network is not secured enough. you need to ensure that encryption is enabled
on wireless traffic passing by the network.
- Backing up of data :
Data is the most esteemed resource of any association and it’s what hackers want to abuse. To
fight from this, backing up the data is one of the best defence strategies to protect your
organisation from ransomware and other attacks.
- Educating the employees :
Providing proper training to your employees about the outcomes of data breaches is crucial.
when a culture of security is embraced at all levels of the association, the possibility of suffering
a data breach will be very less.
- Breach Response Plan :
With the surge of data breaches happening on small startups and multinational companies
targeting sensitive data assets, developing a breach response plan in advance will help in
identifying and analyzing the attack and will provide quick response whenever such incident
- Centralized firewalls :
Firewalls are the principal line of safeguard in network security. An appropriately designed
firewall works like a barrier between the networks. It is crucial that you keep the firewall on all
the time as this is the most ideal way you can protect your organization against cyber attacks.
- Encrypted transmission :
Encrypted data is like garbage for cybercriminals.The power of cryptography can prevent access
to data and the data will become useless if you don’t know the key to decrypt it. Utilizing
encryption is one of the best defence strategies in mitigating cyber attacks and tata breaches.
- Proactive and Continuous Auditing :
Identification of suspicious activities and analyzing them will help you in spotting situations
which could result in data breaches in near future. auditing your organization’s network system
consistently is a best practice which can help in maintaining the reputation of the organizations
and also preventing it from future attacks.
About the Author-
Rahul Pandey is a CyberSecurity Researcher and a Cyber Crime Investigator. Being Just 22 Years Old, presently He is training the officers of Uttar Pradesh Police On Cyber Crime Investigation. He has been a district topper and also received Director General’s merit award for academic excellence.
Rahul Works with multiple NGO’s all over India to promote Cyber Crime Awareness and to empower students, families, communities, and society with prevention and intervention skills to reduce cyber-crime.
Doing so, Rahul has been recently awarded with The Karmaveer Chakra Award which is a global civilian honours given by the international confederation of NGO (iCONGO) in partnership with United Nations to the people across the globe for relentless courage and unleashing extraordinary potential.