Over the last few years, India has been in the midst of a digital payment revolution. The Government of India’s demonetization announcement in November 2016 provided a greater fillip to this trend. As per data from the Ministry of Electronics and Information Technology (MeitY), there has been a three-fold increase in digital transactions in the two years since demonetization.
Additional data from the Reserve Bank of India (RBI) and National Payments Corporation of India (NPCI) points to a 440 per cent increase in all digital transactions including National Electronic Fund Transfer (NEFT) and mobile banking, if we look at the period between September 2016 and September 2018.
While this has been a welcome trend, one unfortunate side effect is that as online transactions have gone up, so has the number of online data breaches. Due to lax cyber security laws and practices, India holds the dubious distinction of being home to some of the world’s largest data breaches.
There have been several high-profile cases of data breaches, and a much greater number of cases that were never publicized. For instance, in 2018, a hacker transferred over USD 130 million from a bank by penetrating its network and injecting a fake response malware script. The intruder injected a malicious script into the process running the payment brand interface. As a result, every incoming request from that interface, which arrived in the ISO 8583 format, was answered with a fake response that was sent back to the payment brand. It was a classic attack that moved from the intrusion stage to lateral movement and finally to egress of data and injection of fake response malware.
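The attack above worked because the payment switch answered ISO 8583 authorization requests with forged responses that the core banking system never issued. One defender-side check that catches this class of behaviour is to reconcile the responses the switch emitted against the authorizations the core actually recorded. The following is an added illustration, not code from the article or from SISA; it assumes a simplified view of ISO 8583 in which only a handful of data elements matter (MTI, DE4 amount, DE11 STAN, DE37 RRN, DE39 response code), and the switch messages and core ledger it uses are constructed sample data.

```python
"""Reconcile ISO 8583 authorization responses against the core banking ledger.

Added example (hypothetical helper code, not from the article or from SISA).
A forged-response implant answers requests at the switch without the core
ever seeing them, so an approval at the switch that the core cannot vouch
for is the signal we look for.
"""
from dataclasses import dataclass
from typing import List, Tuple

# ISO 8583 message type indicators for an authorization request/response.
MTI_AUTH_REQUEST = "0100"
MTI_AUTH_RESPONSE = "0110"
APPROVED = "00"  # DE39 response code meaning "approved"


@dataclass(frozen=True)
class Iso8583Message:
    mti: str            # message type indicator
    stan: str           # DE11, system trace audit number (echoed in the response)
    rrn: str            # DE37, retrieval reference number
    amount: int         # DE4, amount in minor currency units
    resp_code: str = ""  # DE39, present on responses only


@dataclass(frozen=True)
class CoreAuthRecord:
    rrn: str
    amount: int
    decision: str       # "approved" or "declined" as decided by core banking


def reconcile(switch_messages: List[Iso8583Message],
              core_ledger: List[CoreAuthRecord]) -> List[Tuple[str, str]]:
    """Return (rrn, reason) findings for approvals the core cannot vouch for."""
    core_by_rrn = {r.rrn: r for r in core_ledger}
    requests_by_stan = {m.stan: m for m in switch_messages
                        if m.mti == MTI_AUTH_REQUEST}
    findings: List[Tuple[str, str]] = []
    for m in switch_messages:
        # Only approved responses can move money, so those are what we audit.
        if m.mti != MTI_AUTH_RESPONSE or m.resp_code != APPROVED:
            continue
        if m.stan not in requests_by_stan:
            findings.append((m.rrn, "approval without matching request"))
            continue
        core = core_by_rrn.get(m.rrn)
        if core is None:
            findings.append((m.rrn, "approval never seen by core banking"))
        elif core.decision != "approved":
            findings.append((m.rrn, "approved at switch, declined by core"))
        elif core.amount != m.amount:
            findings.append((m.rrn, f"amount mismatch: switch {m.amount} vs core {core.amount}"))
    return findings


# Constructed sample traffic: one legitimate authorization (R1), one approval
# the core never saw (R2), one amount tampered at the switch (R3), and one
# response with no request behind it (R9).
SAMPLE_SWITCH_MESSAGES = [
    Iso8583Message(MTI_AUTH_REQUEST, "000001", "R1", 5000),
    Iso8583Message(MTI_AUTH_RESPONSE, "000001", "R1", 5000, APPROVED),
    Iso8583Message(MTI_AUTH_REQUEST, "000002", "R2", 250000),
    Iso8583Message(MTI_AUTH_RESPONSE, "000002", "R2", 250000, APPROVED),
    Iso8583Message(MTI_AUTH_REQUEST, "000003", "R3", 90000),
    Iso8583Message(MTI_AUTH_RESPONSE, "000003", "R3", 90000, APPROVED),
    Iso8583Message(MTI_AUTH_RESPONSE, "000009", "R9", 70000, APPROVED),
]

SAMPLE_CORE_LEDGER = [
    CoreAuthRecord("R1", 5000, "approved"),
    CoreAuthRecord("R3", 9000, "approved"),
]


def run_sample() -> List[Tuple[str, str]]:
    """Run the reconciliation over the constructed sample data."""
    return reconcile(SAMPLE_SWITCH_MESSAGES, SAMPLE_CORE_LEDGER)


if __name__ == "__main__":
    for rrn, reason in run_sample():
        print(f"ALERT rrn={rrn}: {reason}")
```

In practice the switch messages come from the switch's own transaction log and the core ledger from the core banking system, so the comparison runs on two independently produced records; an implant that sits only on the switch cannot make both agree, which is what gives this check its value.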
Protecting your Payment Data
To prevent a scenario like the example stated above, organizations not only need to invest in next-generation Managed Detection and Response (MDR) services, they also need to proactively conduct threat hunting based on prevalent indicators of compromise.
Protecting your data requires a multi-pronged strategy that encompasses people, processes and technology. Unfortunately, there is no single silver bullet that addresses the issue permanently, as the security landscape is evolving rapidly.
Businesses today generate reams of data and traffic every single day. As per an IDC report, worldwide data will grow 61 percent by 2025, to reach 175 zettabytes. Most of this data will reside in the cloud. Although 99.9 percent of data traffic might be genuine, the few potentially malicious log entries hidden in it are capable of causing significant damage. In many ways, finding these is more difficult than finding a needle in a haystack. A well-conceptualized and detailed approach is what works best: from first conducting a detailed risk assessment, to ensuring strict adherence to compliance requirements, to continuous monitoring, data security demands a multi-pronged approach.
As the incidence of cyber crime increases, we can expect privacy and data regulations to become stricter than ever. Effective compliance involves using a meticulously developed compliance validation structure and the right security monitoring tools. At SISA, our approach spans everything from creating a mindset shift, through comprehensive scoping, risk assessment to identify exposure points, and gap assessment, to remediation and certification.
Monitoring, Detection and Response
Managed Detection and Response (MDR) is becoming increasingly important for organisations. As per a report from Gartner, investing in enhanced detection and response capabilities will be a key priority for security buyers through 2020. An MDR or Synergistic SOC solution works by detecting and responding to cyber attacks much faster than traditional security tools. It combines product, infrastructure, and people. It supports early threat detection and security incident response through the real-time collection and historical analysis of security events drawn from a wide variety of event and contextual data sources.
If you’d like to know how you can protect against a potential breach, check out our Synergistic Security Operations Center (S-SOC) offering to see how it works to prevent such breaches.