Indian dark web has emerged as a hub for cybercriminals looking to exploit databases, gain access to company infrastructure, and acquire bank card data, according to a recent study conducted by Positive Technologies. The study analyzed the trends in criminal cyber services in India and highlighted the popular queries on the dark web among hackers and cybercriminals.
The analysis of advertisements on the dark web revealed that hackers are predominantly interested in databases, access to company systems, and carding – the sale of bank card data. Surprisingly, a significant portion of the databases (66%) is distributed for free on the dark web, indicating the involvement of hacktivists and extortionists who leverage confidential data for ransom. This trend poses a serious security threat to the country’s infrastructure, as evident from a cyberattack on a major Indian electronics manufacturer that resulted in the loss of 7.5 million customer data records.
The study also highlighted the focus on data from scientific and educational institutions, financial organizations, government agencies, and the trade sector. Financial sector databases are particularly sought after, with purchase announcements constituting 5% of the dark web activities in the region. The affordability of these databases, with 40% of them priced below $1,000, makes them a lucrative target for cybercriminals seeking to exploit vulnerabilities in India’s digital infrastructure.
Access to company resources emerged as the second most popular topic on the Indian dark web, with a significant supply of offers exceeding demand. Access to infrastructure of trade, financial institutions, and service sectors are up for sale, with over 60% of access offerings priced below $1,000. Notably, access to an Indian bank with administrator rights is being sold for $70,000 and above, highlighting the value of privileged access in cybercriminal activities. The prevalence of access to content management systems like Magento and WordPress further underscores the security risks faced by Indian businesses.
Carding, which involves the sale of bank card data and personal information, accounts for 10% of the criminal cyber services market in India. Despite the potential for fraudulent activities using stolen card information, carding data sets are sold at a relatively low price of $500 per 100 units of bank card data on the Indian dark web.
The low cost of access and the free distribution of personal data pose a significant security risk to companies and government agencies in India. To mitigate these risks, Positive Technologies recommends organizations to adopt comprehensive cybersecurity solutions, including SIEM, XDR, NGFW firewalls, WAF, and NTA solutions. Additionally, the use of tools like sandboxes for malware detection and vulnerability management systems can help organizations strengthen their cybersecurity posture.
The study, based on an analysis of messages related to India on the dark web, underscores the urgent need for robust cybersecurity measures to protect businesses and industries from cyber threats. With over 4,000 organizations worldwide relying on Positive Technologies for cybersecurity solutions, the company remains at the forefront of safeguarding against cyberattacks and data breaches.