Cyberattacks in India have reached alarming levels, with a staggering 593 incidents reported in the first half of 2024. The education, government, and technology sectors emerged as the most vulnerable targets, according to a recent report.
This surge in cyberattacks underscores the critical need for robust cybersecurity measures across all sectors of the Indian economy. The report mentioned that the potential for cyberattacks will only grow, making it imperative for businesses and government entities to stay ahead of the evolving threat landscape.
Cyberattacks in India Report in Detail
The report titled ‘India Breach Report’ by FalconFeeds, highlighted that India witnessed 388 data breaches (65.4%), 107 data leaks (18.0%), 59 cases of access sales or leaks (9.9%) and 39 ransomware group activities (6.6%), in the first half of 2024. Apart from education, government and technology, healthcare, banking, manufacturing and consumer services sectors witnessed severe cyberattacks from January to June this year.
“This evolving cyber threat landscape in the nation, particularly within critical sectors like government and education, is a stark reminder that it is high time we created a protocol to address the issue. No sector is immune,” said Nandakishore Harikumar to The Hindu newspaper, who runs FalconFeeds.io.
“Data breaches are the most common type of cyberattack, indicating that many organizations lack robust data protection measures. Sensitive information remains highly vulnerable to unauthorized access and exposure. Data leaks follow closely behind data breaches, further highlighting the need for improved data security practices,” the report said.
“The thriving underground market for unauthorized access to corporate and government networks underscores the importance of strong access control measures, regular monitoring, and swift response to unauthorized access attempts,” it added.
The report identified a disturbing correlation between increase in cyberattacks in India and the country’s Parliament elections which was held from April 19 to June 1.
“From March to April, there was a marked increase in cyber incidents, peaking in May, followed by a slight decrease in June and a more notable drop in July. This highlights the opportunistic behaviour of threat actors who exploit periods of heightened national activity,” the report said.
Government and public sector entities were disproportionately affected, with New Delhi and the Central government bearing the brunt of attacks during this period.
Most Active Platforms for Cyberattacks in India
An analysis of the platforms which were facilitating most of the cyberattacks included dark web portal BreachForums (35 victims) followed by social media app Telegram (32 victims). Among threat actors, Lockbit 3.0 executed the highest number of attacks standing at 18 followed by Darkvault (6), BianLian (4) and, Kill Security and RansomHub (3 each).
Some of the major organizations impacted due to cyberattacks in India this year includes Eicher Motors Limited, Telangana Police, Tamil Nadu Labour Department and the National Disaster Management Authority, the report said.
Mitigations and Recommendations of Report
The report called for regular security audits to identify and address vulnerabilities, educate employees about phishing, social engineering, and other common attack vectors and encryption of sensitive data both at rest and in transit.
It also suggested implementing Multi-Factor Authentication (MFA) to add an extra layer of security for accessing systems and data, developing and regularly update an incident response plan to quickly address any breaches or leaks, participating in threat intelligence sharing communities to stay informed about the latest threats, implementing network segmentation to limit the spread of malware and restrict unauthorized access to sensitive data.
Among other recommendations include regularly backing up critical data and ensuring that backup systems are secure and tested and implementing advanced monitoring and detection tools to identify and respond to suspicious activities in real time.
“The cyberattacks in India from January to July 2024 underscore the urgent need for enhanced cybersecurity measures across all sectors. By understanding the trends, impacts, and mitigation strategies outlined in this report, organizations can better prepare to defend against future threats,” the report concluded.