Indusface, a rapidly growing Application Security SaaS Company that is funded by TCGF II (Tata Capital), released a report on Cybersecurity in the Insurance sector for January 2023. This report brings to light the cyber vulnerabilities of t, he Indian insurance industry and notes that more than 1.6 million cyber-attacks were blocked by Indusface every day in the first month of the year.
A total of 49,844,877 cyber-attacks were recorded on 114 insurance sector websites. The January report findings reveal that on an average, insurance sector applications face 430,000 attacks each which is close to the overall average of 450,000 attacks per app across all industries.
The report also discovered that 51% of the Indian insurance websites were attacked with DDoS requests which is much higher than the overall average of 30% sites being attacked by DDoS requests.
Apart from the DDoS request attacks, the other key concern for the insurance sector in India is the rise of Bot attacks. Over 6 million such attacks were documented in January, 2023 by Indusface. Compared to other industries, the insurance sector receives 3x more bot attacks which indicates the highly sought after nature of data available with insurers.
The bot attacks mounted by hackers are of three major types — account takeover, card cracking and scraping. Hackers usually use bot attacks to take over financial accounts and conduct credit card fraud via cracking and scraping.
‘The rise of bot attacks on the insurance industry is concerning as these tend to be more sophisticated and surgical. The potential risks that Indian insurers face range from unauthorized access to financial data and other sensitive information, or even the internal systems of the insurance company itself. This is concerning especially in a year where there is a talk of recession all around and CIOs will see a decline in technology budgets.’ Said Ashish Tandon Founder & CEO, Indusface. ‘Security leaders can no longer take a siloed approach to application security. It is time for them to adopt a holistic solution like the AppTrana WAAP, that bundles VAPT, WAF, API Security, DDoS & Bot Mitigation and secure CDN in one platform’ added Ashish.
Apart from the large volumes of sensitive and lucrative information such as credit card details, banking information and personal data of customers, the other key factor driving attacks on Indian insurance companies is the rise of vulnerabilities. Most of the insurance companies are on the path to digital transformation in order to cater to digitally savvy consumers. This has increased the number of applications, and the attack surface as well as potential vulnerabilities in the digital infrastructure is increasing rapidly, making the insurers more vulnerable to hacks and cyberattacks.
Given the high level of risk posed by cyber-attacks, it is essential for companies in the insurance sector to have robust security measures in place. This can be done via partners who can help detect and respond to attacks in a timely manner and ensure the deployment of prevention measures such as firewalls and intrusion detection systems.