In India, the frequency of cyberattacks has surged to alarming levels, with a stunning 593 incidents reported in the first half of 2024. The sectors most affected by these cyber threats include education, government, and technology, as outlined in a recent report.
The increase in cyberattacks highlights the pressing need for robust cybersecurity measures to be implemented across all sectors of the Indian economy. The report warns that the potential for cyberattacks will continue to escalate, underscoring the importance for businesses and government entities to proactively safeguard against the evolving threat landscape.
The ‘India Breach Report,’ conducted by FalconFeeds, revealed that during the initial six months of 2024, India experienced 388 data breaches (accounting for 65.4% of the incidents), 107 data leaks (18.0%), 59 instances of access sales or leaks (9.9%), and 39 ransomware group activities (6.6%). Aside from education, government, and technology, other sectors such as healthcare, banking, manufacturing, and consumer services also fell victim to severe cyberattacks from January to June.
Nandakishore Harikumar, the individual behind FalconFeeds.io, emphasized the critical nature of the cyber threat landscape in the nation, particularly within vital sectors like government and education. He stressed the imperative need for the establishment of a protocol to address the issue, noting that no sector is immune to cyber threats.
The report pointed out that data breaches were the most prevalent type of cyberattack, indicating a lack of robust data protection measures within many organizations. This vulnerability exposes sensitive information to potential unauthorized access and exposure. Similarly, data leaks underscored the necessity for improved data security practices.
Further, the report highlighted the thriving underground market for unauthorized access to corporate and government networks, stressing the significance of strong access control measures, consistent monitoring, and swift responses to unauthorized access attempts.
There was a concerning correlation between the surge in cyberattacks in India and the country’s Parliament elections, which were conducted from April 19 to June 1. The data indicated a spike in cyber incidents from March to April, peaking in May, followed by a slight decrease in June and a more significant drop in July. This pattern reveals the opportunistic nature of threat actors who exploit periods of heightened national activity.
Government and public sector entities bore a disproportionate impact during this period, with New Delhi and the central government being particularly targeted by cyberattacks.
In terms of the most active platforms for cyberattacks in India, analysis revealed that dark web portal BreachForums led with 35 victims, followed by the social media app Telegram with 32 victims. Among the threat actors, Lockbit 3.0 executed the highest number of attacks at 18, followed by Darkvault (6), BianLian (4), and Kill Security and RansomHub (3 each).
Several major organizations in India, such as Eicher Motors Limited, Telangana Police, Tamil Nadu Labour Department, and the National Disaster Management Authority, suffered significant impacts due to cyberattacks this year.
The report issued a series of mitigations and recommendations to address the escalating cyber threats in India, including conducting regular security audits, educating employees on common attack vectors, implementing encryption for sensitive data, deploying Multi-Factor Authentication (MFA), developing incident response plans, participating in threat intelligence sharing communities, implementing network segmentation, and backing up critical data regularly.
By heeding the trends, impacts, and mitigation strategies outlined in the report, organizations can bolster their defenses against future cyber threats and safeguard their digital assets in an increasingly hostile online landscape.