India Becomes Second Most Targeted Nation for Cyber Attacks in 2024
In a stark revelation, India has been identified as the second most targeted country for cyber attacks globally, with a reported 95 entities suffering from data breaches in 2024. This alarming statistic is outlined in the ThreatLandscape Report 2024 released by cybersecurity firm CloudSEK, which indicates a significant escalation in targeted offenses against Indian organizations.
The report analyzed data collected from dark web monitoring and places the United States at the forefront of cyber incidents, recording 140 attacks, largely attributed to its vast economic influence and sophisticated digital infrastructure. Israel follows closely in third place, with 57 documented attacks, which are largely linked to ongoing geopolitical tensions in the region. CloudSEK’s findings underline the growing vulnerability of digital assets worldwide and highlight the urgent need for robust cybersecurity measures.
The sectors that faced the brunt of these cyber offenses were predominantly from the finance and banking industries, where 20 organizations were compromised. In addition, government entities were targeted with 13 breaches, while telecommunications suffered 12 attacks. The healthcare and education sectors also reported significant data breaches, with figures reaching 10 and 9, respectively. The report emphasizes that rapid digitization across India has exposed these sectors to heightened risks, contributing to their status as prime targets for cybercriminals.
Among the most significant breaches reported was the staggering leak of 850 million records of Indian citizen data from Hi-Tek Group. This breach serves as a stark reminder of the vulnerabilities present in data management processes. Similarly, customer data from Star Health and Allied Insurance and 2TB of sensitive information from Telecommunications Consultants India were also compromised, amplifying concerns regarding data protection mechanisms across various sectors.
Ransomware incidents are a growing concern, with the report documenting 108 such attacks within the year. The Lockbit ransomware group emerged as the most prolific, accounting for over 20 of these attacks, while the Killsec group followed closely behind with more than 15 incidents. Ransomhub was also reported to be responsible for 12 attacks. These figures illustrate a concerning trend, as ransomware continues to evolve in sophistication, often employing advanced techniques for initial access and data encryption.
Analyzing these breaches through the lens of the MITRE ATT&CK framework reveals several potential adversary tactics. Techniques such as initial access, likely via exploiting vulnerabilities in software or using phishing campaigns, may have been employed to breach these organizations. Persistence and privilege escalation tactics could have enabled attackers to maintain access within the networks and elevate their control over critical systems, further exacerbating the potential damage inflicted.
As cyber threats evolve, businesses must remain vigilant and implement comprehensive security protocols to mitigate risks. Understanding the tactics and techniques outlined in the MITRE ATT&CK framework provides an essential context for creating informed and effective cybersecurity strategies. With the escalating frequency of these incidents, it is imperative for organizations, particularly in targeted sectors, to prioritize cybersecurity and invest in advanced protective measures to safeguard their data assets against increasingly sophisticated threats.
In conclusion, the findings from CloudSEK’s report not only highlight the current cyber threat landscape but also serve as a clarion call for enhanced vigilance in cybersecurity practices. As India grapples with these challenges, it becomes increasingly crucial for businesses to adopt a proactive approach to information security, ensuring they are equipped to respond to the dynamic nature of cyber threats in 2024 and beyond.
