CYFIRMA launches India threat landscape report

Share via:

●       India is the most targeted country with 13.7% of all cyber attacks directed at it

●       US, Indonesia and China are next 3 most targeted countries by threat actors

●       Govt agencies across nations emerge as the topmost target with 95% of the cyber attacks aimed at them

●       State sponsored cyber attacks increased by 100% on India in 2022

●       Healthcare sector most targeted in India followed by education, research, govt and military sectors

●       Cyfirma research shows 39 active campaigns against India in 2023 coming from state sponsored threat actors from China, North Korea, Pakistan, Russia

●       Threat actors actively targeting India include FancyBear, Mission 2025 (China), TA505 (Russia), Transparent Tribe (Pakistan) Turla Group, Stone Panda and Lazarus Group (North Korea)

Mumbai,6th November 2023: CYFIRMA, an external threat landscape management platform, has released India Threat Landscape report 2023 focusing on threats targeting India and strategies to counter them. 

According to the report, India is the most targeted country, with 13.7% of all attacks followed by the US with 9.6%, Indonesia and China with 9.3% and 4.5% respectively. The number of cyberattacks on government agencies has increased significantly year-on-year. In the second half of 2022, there were 95% more cyberattacks on government agencies than in the same period in 2021. The number of state-sponsored cyber attacks in India increased by more than 100% in 2022 compared to 2021. India was the most targeted country in 2022 as attacks on government agencies more than doubled.

Healthcare is the most targeted sector by hackers followed by education, research, government and military sectors. The data from the report shows that an organization in India was attacked 1,866 times per week on average in 2022.

The most common types of cyber attacks in India are /phishing attacks, malware attacks, and ransomware attacks. 78% of Indian organizations experienced a ransomware attack in 2021, with 80% of those attacks resulting in data encryption.

Kumar Ritesh, CEO & Founder, Cyfirma, says, “It comes as no surprise that India is the most targeted country in the world by threat actors. India’s growing prominence at the world stage and push from Western economies to favour India over other large countries, a young and tech savvy population with low cybersec maturity has played a key role in hackers coming after critical assets, govt agencies with an intent to breach them and harm India’s strategic interests. While sectors like BFSI, healthcare and software companies have spent significantly on improving their security posture, there is an urgent need to understand the external threat landscape. We believe that unless you don’t know who to defend against, billions spent in cybersec will not yield expected results.”

India’s geo-political importance has never been greater than it is today. This has given way to threat actors uniting against India. A disturbing trend of North Korean threat actors collaborating with China and Russia has been observed with the former offering itself as hacker as a service (HaaS) for financial gains.

Between Jan to July 2023, as part of the external threat landscape monitoring and analysis, CYFIRMA observed 39 campaigns targeting various industries in India. Known groups like FancyBear, TA505, Mission 2025, Stone Panda and Lazarus Group are suspected to be behind these campaigns. Of these 39 campaigns, 14 have been orchestrated by China State sponsored groups with an intent of espionage. 11 of these campaigns were planned by North Korea backed hackers as part of HaaS. While 10 attacks originated from Russian threat actors, of which only 4 were state sponsored.

Key trends and attack methods being used by threat actors:

Ransomware: Ransomware operators are continuously improving their techniques with an intent to intimidate and force victims to pay the ransom. At present, ransomware operators are suspected to follow a 4-layer approach of targeting organizations which includes:

1.Infiltrate into the target organization’s network.

2.Exfiltrate and encrypt data.

3.Demand ransom and “Name & Shame”.

4.Leave behind footprints in the targeted organizations to come back and attack again.

Crimeware- as-a service: CaaS threats include SMS spoofing, phishing kit,custom spyware, hackers for hire, exploit kit.  

Carpet Bombing of SMEs:  SMEs are not spared by cyberwar, businesses of all sizes are targeted.

Supply Chain disruption: Software supply chain will continue to be targeted

With the rising attacks, it is critical for the govts and Organizations to engage a  comprehensive ETLM tool, which can take the intel gathered and relate it back to infrastructure, digital footprint, brand, industry, technology, and geolocation. Because when you unify different capabilities, you get a prioritized list of actions to prepare an effective response plan.

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Popular

More Like this

CYFIRMA launches India threat landscape report

●       India is the most targeted country with 13.7% of all cyber attacks directed at it

●       US, Indonesia and China are next 3 most targeted countries by threat actors

●       Govt agencies across nations emerge as the topmost target with 95% of the cyber attacks aimed at them

●       State sponsored cyber attacks increased by 100% on India in 2022

●       Healthcare sector most targeted in India followed by education, research, govt and military sectors

●       Cyfirma research shows 39 active campaigns against India in 2023 coming from state sponsored threat actors from China, North Korea, Pakistan, Russia

●       Threat actors actively targeting India include FancyBear, Mission 2025 (China), TA505 (Russia), Transparent Tribe (Pakistan) Turla Group, Stone Panda and Lazarus Group (North Korea)

Mumbai,6th November 2023: CYFIRMA, an external threat landscape management platform, has released India Threat Landscape report 2023 focusing on threats targeting India and strategies to counter them. 

According to the report, India is the most targeted country, with 13.7% of all attacks followed by the US with 9.6%, Indonesia and China with 9.3% and 4.5% respectively. The number of cyberattacks on government agencies has increased significantly year-on-year. In the second half of 2022, there were 95% more cyberattacks on government agencies than in the same period in 2021. The number of state-sponsored cyber attacks in India increased by more than 100% in 2022 compared to 2021. India was the most targeted country in 2022 as attacks on government agencies more than doubled.

Healthcare is the most targeted sector by hackers followed by education, research, government and military sectors. The data from the report shows that an organization in India was attacked 1,866 times per week on average in 2022.

The most common types of cyber attacks in India are /phishing attacks, malware attacks, and ransomware attacks. 78% of Indian organizations experienced a ransomware attack in 2021, with 80% of those attacks resulting in data encryption.

Kumar Ritesh, CEO & Founder, Cyfirma, says, “It comes as no surprise that India is the most targeted country in the world by threat actors. India’s growing prominence at the world stage and push from Western economies to favour India over other large countries, a young and tech savvy population with low cybersec maturity has played a key role in hackers coming after critical assets, govt agencies with an intent to breach them and harm India’s strategic interests. While sectors like BFSI, healthcare and software companies have spent significantly on improving their security posture, there is an urgent need to understand the external threat landscape. We believe that unless you don’t know who to defend against, billions spent in cybersec will not yield expected results.”

India’s geo-political importance has never been greater than it is today. This has given way to threat actors uniting against India. A disturbing trend of North Korean threat actors collaborating with China and Russia has been observed with the former offering itself as hacker as a service (HaaS) for financial gains.

Between Jan to July 2023, as part of the external threat landscape monitoring and analysis, CYFIRMA observed 39 campaigns targeting various industries in India. Known groups like FancyBear, TA505, Mission 2025, Stone Panda and Lazarus Group are suspected to be behind these campaigns. Of these 39 campaigns, 14 have been orchestrated by China State sponsored groups with an intent of espionage. 11 of these campaigns were planned by North Korea backed hackers as part of HaaS. While 10 attacks originated from Russian threat actors, of which only 4 were state sponsored.

Key trends and attack methods being used by threat actors:

Ransomware: Ransomware operators are continuously improving their techniques with an intent to intimidate and force victims to pay the ransom. At present, ransomware operators are suspected to follow a 4-layer approach of targeting organizations which includes:

1.Infiltrate into the target organization’s network.

2.Exfiltrate and encrypt data.

3.Demand ransom and “Name & Shame”.

4.Leave behind footprints in the targeted organizations to come back and attack again.

Crimeware- as-a service: CaaS threats include SMS spoofing, phishing kit,custom spyware, hackers for hire, exploit kit.  

Carpet Bombing of SMEs:  SMEs are not spared by cyberwar, businesses of all sizes are targeted.

Supply Chain disruption: Software supply chain will continue to be targeted

With the rising attacks, it is critical for the govts and Organizations to engage a  comprehensive ETLM tool, which can take the intel gathered and relate it back to infrastructure, digital footprint, brand, industry, technology, and geolocation. Because when you unify different capabilities, you get a prioritized list of actions to prepare an effective response plan.

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Website Upgradation is going on for any glitch kindly connect at office@startupnews.fyi

More like this

Bitfinex hacker receives five-year sentence for multi-billion crypto heist

Lichtenstein and his wife Heather Morgan were arrested...

Bluesky’s big week: the race to be the next...

Bluesky hit 15 million users this week. And...

How to figure out if an AI Crypto project...

Blockchain AI projects have seen record fundraising but...

Popular

Upcoming Events

Startup Information that matters. Get in your inbox Daily!