In the ever-evolving landscape of cyber threats, a new report reveals a startling reality: India has become the world’s most targeted country for cyberattacks. The report, released by cybersecurity firm Cyfirma, highlights a surge in cyber onslaughts, with India bearing the brunt of these digital attacks. This article delves into the details of the report, shedding light on the reasons behind this alarming trend, the sectors most affected, and the actors responsible for these attacks.
India: The Epicenter of Cyberattacks
In the latter half of 2022, India faced a staggering 95 percent surge in cyberattacks targeting its government agencies compared to the same period in 2021. Notably, India endured the highest volume of cyberattacks globally, accounting for 13.7 percent of all such attacks. Following closely behind was the United States at 9.6 percent, with Indonesia and China at 9.3 percent and 4.5 percent, respectively.
An Alarming Upward Trend
The steep rise in cyberattacks on India’s government agencies underscores the gravity of the situation. In the second half of 2022, there was a 95 percent increase in cyberattacks targeting government entities compared to the preceding year. Furthermore, state-sponsored cyberattacks in India surged by over 100 percent in 2022, revealing the nation’s vulnerability to digital threats.
The Most Vulnerable Sectors
The Cyfirma report identifies healthcare as the most susceptible sector to cyberattacks in India, followed closely by education, research, government, and the military. The motives behind these attacks vary, ranging from data theft to potential espionage.
Key Factors Behind India’s Vulnerability
Several factors contribute to India’s prominence as a prime target for cyberattacks. The country’s increasing global relevance, coupled with the preference of Western economies, has drawn attention to India. The presence of a young and tech-savvy population, juxtaposed with a relatively lower level of cyber maturity, has created an environment ripe for malicious cyber activities.
Kumar Ritesh, CEO, and Founder of Cyfirma, underscores these factors, stating, “India’s growing prominence at the world stage and push from Western economies to favor India over other large countries, a young and tech-savvy population with low cybersec maturity has played a key role in hackers coming after critical assets, government agencies with an intent to breach them and harm India’s strategic interests.”
The Anatomy of Attacks
The Cyfirma report sheds light on the frequency and nature of cyberattacks in India. On average, organizations in India faced a staggering 1,866 attacks per week in 2022. The primary types of attacks include phishing, malware, and ransomware attacks. In 2021, approximately 78 percent of Indian organizations experienced ransomware attacks, with 80 percent of these attacks leading to data encryption.
Behind the Scenes: Attackers and Espionage
Between January and July 2023, the report identified 39 cyber campaigns targeting various industries in India. Suspected groups behind these campaigns included FancyBear, TA505, Mission 2025, Stone Panda, and Lazarus Group. Among these campaigns, 14 were attributed to China State-sponsored groups with espionage motives. An additional 11 campaigns were linked to North Korea-backed hackers, while 10 attacks were traced back to Russian threat actors.
