By Anshuman Sharma, Director – VTRAC, Cybersecurity Consulting Services, Verizon Business
India’s digital economy is outpacing advanced nations like the UK, Germany, and Japan, according to the State of India’s Digital Economy report. However, this digital revolution comes with a downside: a surge in cyberattacks. Consider this – India is among the top two most targeted nations for cyberattacks, and is the third-largest country for phishing attacks.
The impact and widespread scale of cybercrime are a grave reality for industries and lawmakers today, especially as the digital economy could account for 20% of the nation’s GDP by 2027. The recently published Data Breach Investigations Report (DBIR) 2024 throws a spotlight on the prevalence and rise of sophisticated cyber threats involving exploitation of system vulnerabilities, spear phishing, and impersonation attacks.
From digital extortion to espionage: How cybercrime is evolving in APAC & India
In March 2024, government and energy sectors found themselves under attack by threat actors, who infiltrated their systems using a phishing email supposedly from the Indian Air Force. In the campaign, codenamed ‘Operation Flightnight’, attackers compromised the data and security of government entities including national defense organizations and gained access to confidential details of private energy companies including financial documents, employee details, and drilling activities. Such incidents of espionage are playing out at national and industry levels, but that’s not all.
Cybercriminals in India are casting a wide net for extortion targets, from CEOs of major corporations to teenagers’ prized gaming profiles. A recent DBIR report highlights this alarming trend, revealing a staggering 180% increase in hackers exploiting vulnerabilities, primarily through web applications. However, the report also identifies a critical vulnerability: human error. The human element, as always, remains a concern, accounting for 68% of breaches.
So who are the actors behind these attacks, and what motivates them? Financial gain remains the prime motive of cybercriminals, with ransomware attacks extorting companies into hefty payouts. While internal actors have increased as players in data breaches, most involve careless mistakes rather than malicious intent. The real eye-opener lies in espionage: a staggering 25% of breaches in APAC target sensitive data, compared to a mere 4-6% globally (2024 DBIR report). This suggests a much higher focus on stealing secrets in the region.
Exploitation of vulnerabilities – The newest and largest threat to Indian businesses
Indian businesses face a critical cybersecurity challenge: the rampant exploitation of system vulnerabilities. In the APAC region, cybercriminals attacked servers in 100% of 407 instances, primarily through hacking and malware. These attacks overwhelmingly followed a predictable pattern – 95% involved system intrusion, social engineering, or basic web application attacks.
The delay in patching critical vulnerabilities is one of the major reasons for the spike in the exploitation of vulnerabilities. An analysis by CISA (Cybersecurity and Infrastructure Security Agency) revealed that, on average, it takes organisations 55 days to remediate only 50% of critical vulnerabilities, after relevant patches are deployed. This is not fast enough to stop cybercriminals and threat actors, who are constantly on the lookout for ways to exploit these vulnerabilities.
Cybersecurity needs to extend beyond organisational walls. A concerning 68% increase in breaches originating from vendor vulnerabilities highlights the need for robust third-party security protocols. Businesses must prioritize rapid patching, employee awareness training, and collaboration with vendors to create a more secure digital environment.
Building resilience in the face of rising threats
Organisations must have a layered approach to cybersecurity, including protection and detection at every level, from the user to the application, device, and network. This calls for a comprehensive five-part defense plan that covers network and cloud security, network filtering, endpoint security, voice security, and expert consulting.
Recognizing the human element, businesses are also investing in employee awareness training. By educating the entire workforce, not just IT teams, organisations can significantly increase the detection and reporting rate of phishing attempts, strengthening the first line of defense.
Finally, given the prevalence of espionage-driven attacks, companies should scrutinize their third-party networks. Reviewing the security practices of suppliers, academic institutions, and research facilities helps to ensure that sensitive information, especially information with national security implications, remains protected throughout the ecosystem.