Thursday December 13, 2018
Home Lead Story Indian Firms ...

Indian Firms Losing $10 mn Every Year Because of Cyber Attacks: Microsoft Study

Additionally, more than one in five (22 per cent) of Indian organisations have witnessed benefits of using AI to achieve faster and more accurate detection of threats

0
//
Microsoft, PUBG
A sign for Microsoft is seen on a building in Cambridge. VOA
Republish
Reprint

A large-sized enterprise in India loses an average of $10.3 million owing to cyber attacks and a mid-sized organisation an average of $11,000 annually, a Microsoft-led study said on Wednesday.

Cyber security attacks have also resulted in job losses across different functions in more than three in five (64 per cent) organisations that have experienced cyber attacks, revealed the Frost and Sullivan study commissioned by Microsoft.

“With traditional IT boundaries disappearing, the adversaries now have many new targets to attack. Companies face the risk of significant financial loss, damage to customer satisfaction and market reputation-as is evident from high-profile breaches this year,” said Keshav Dhakad, Group Head and Assistant General Counsel, Corporate, External & Legal Affairs (CELA), Microsoft India.

The study, titled “Understanding the Cybersecurity Threat Landscape in Asia Pacific: Securing the Modern Enterprise in a Digital World” involved a survey of 1,300 business and IT decision makers.

“More than three in five organizations (62 per cent) surveyed in India have either experienced a cybersecurity incident (30 per cent) or are not sure if they had one as they have not performed proper forensics or data breach assessment (32 per cent),” the findings showed.

The survey ranged from mid-sized organisations (250 to 499 employees) to large-sized organizations (more than 500 employees).

Microsoft
Hackers bleeding large Indian firms by $10 mn on average each year: Microsoft. (Wikimedia commons)

To calculate the cost of cybercrime, Frost & Sullivan created an economic-loss model based on macro-economic data and insights shared by the survey respondents.

The study also examined the current cyber security strategy of organisations in India.

It found that nine in 10 (92 per cent) Indian organisations are looking to leverage Artificial Intelligence (AI) to enhance their cyber security strategy.

Additionally, more than one in five (22 per cent) of Indian organisations have witnessed benefits of using AI to achieve faster and more accurate detection of threats.

Also Read- Employees at Facebook Looking For Better Opportunities in Future

“Most organisations lack a cybersecurity strategy, while for a large majority cybersecurity was an afterthought. About 59 per cent (three in five) respondents said the fear of cyber attacks has hindered digital transformation projects,” the study noted.

While 37 per cent see cybersecurity strategy only as a means to safeguard the organisation against cyberattacks rather than a strategic business enabler, a mere 18 per cent seeing cybersecurity as a digital transformation enabler, it added. (IANS)

Click here for reuse options!
Copyright 2018 NewsGram

Next Story

Bug Spotted in Microsoft Office 365, Outlook

Several tech companies offer bug bounty incentives. Sahad also received bug bounty from Facebook last year for discovering a bug in the social networking platform

0
Microsoft
Kerala-based security engineer spots bug in Microsoft Office 365, Outlook. Pixabay

A Kerala-based application security engineer has won bug bounty from Microsoft for discovering a series of vulnerabilities that left over 400 million Microsoft users’ accounts — from Office 365 to Outlook emails — open to hacking.

Sahad NK, who works as a security researcher with cybersecurity portal Safetydetective.com, came across multiple vulnerabilities that, when chained together, allow an attacker to take over any Microsoft Outlook, Microsoft Store, or Microsoft Sway account simply via the victim clicking on a link.

“Immediately after finding these vulnerabilities, we contacted Microsoft via their responsible disclosure programme and started working with them,” said Safetydetective on Tuesday.

The vulnerabilities were reported to Microsoft in June and fixed by November end.

“While the vulnerability proof of concept was only made for Microsoft Outlook and Microsoft Sway, we expect it to affect all Microsoft accounts including Microsoft Store,” said Sahad.

Microsoft, PUBG
A sign for Microsoft is seen on a building in Cambridge. VOA

Sahad discovered that a Microsoft subdomain, “success.office.com”, had not been properly configured. He also found bug in Microsoft Office, Store and Sway products.

A string of bugs when chained together created the perfect attack to gain access to someone’s Microsoft account — simply by tricking a user into clicking a link.

“Anyone’s Office account, even enterprise and corporate accounts, including their email, documents and other files, could have been easily accessed by a malicious attacker, and it would have been near-impossible to discern from a legitimate user,” said TechCrunch.

Also Read- New Bug Forces Alphabet to Expedite Google+ API Shutdown

Sahad, with the help of fellow security researcher Paulos Yibelo, reported the bug to Microsoft, which fixed the vulnerability and gave an unspecified amount as bug bounty to Sahad.

Several tech companies offer bug bounty incentives. Sahad also received bug bounty from Facebook last year for discovering a bug in the social networking platform. (IANS)