By Anshuman Sharma, Director, VTRAC, Cybersecurity Consulting Services, Verizon Business
India’s digital economy is growing faster than many advanced countries like the UK, Germany, and Japan, according to the State of India’s Digital Economy report. But with this rapid growth comes a downside: a sharp rise in cyberattacks. India ranks among the top two nations most targeted for cyberattacks and is the third-largest country for phishing attacks.
The scale and impact of cybercrime are serious issues for industries and policymakers, especially as India’s digital economy could contribute 20% of the nation’s GDP by 2027. The 2024 Data Breach Investigations Report (DBIR) highlights the increase in sophisticated cyber threats, such as exploiting system vulnerabilities, spearphishing, and impersonation attacks. This makes robust cyber security practices more important than ever.
In March 2024, both the government and energy sectors in India were targeted by cybercriminals using a phishing email disguised as a message from the Indian Air Force. The attack, known as ‘Operation Flightnight,’ compromised the security of national defense organizations and private energy companies, giving hackers access to financial documents, employee information, and drilling activities. These incidents of espionage are becoming more common at both national and industry levels.
Cybercriminals in India are targeting a wide range of victims, from CEOs of large companies to teenagers’ gaming accounts. The recent DBIR report shows a 180% rise in cyberattacks that exploit vulnerabilities, especially through web applications. The report also emphasizes the need for secure cloud storage and robust cloud computing security to protect against these evolving threats. However, human error remains a major weakness, with 68% of breaches involving some form of human mistake.
So, who are the people behind these attacks, and why do they do it? Most cybercriminals are motivated by money, using ransomware to force companies into making large payouts. Insider threats, caused by mistakes rather than malicious intent, are also on the rise. However, espionage is a growing concern, especially in the APAC region, where 25% of breaches target sensitive data, compared to just 4–6% globally. This shows a much higher focus on stealing secrets in this part of the world.
Indian companies are facing a huge cybersecurity problem with the exploitation of system vulnerabilities. In the APAC region, cybercriminals attacked servers in 100% of 407 recorded instances, mainly through hacking and malware. Most of these attacks followed a clear pattern, with 95% involving system intrusion, social engineering, or basic web application attacks.
One major reason for this is the delay in fixing critical vulnerabilities. According to the Cybersecurity Infrastructure and Security Agency (CISA), it takes companies an average of 55 days to fix just 50% of critical vulnerabilities after patches are released. This is not fast enough to stop cybercriminals, who are always looking for weaknesses to exploit. To address this, businesses should invest in advanced cloud computing security measures and adopt secure cloud storage solutions.
Cybersecurity also needs to extend beyond a company’s internal systems. A 68% rise in breaches caused by vulnerabilities in third-party vendors highlights the need for stronger security measures with external partners. Businesses must prioritize quick patching, employee training, and better collaboration with vendors to create a safer digital environment.
Organizations need to adopt a layered cybersecurity approach, protecting every level from users to applications, devices, and networks. A complete defense plan should include network and cloud security, filtering, endpoint protection, voice security, and expert consulting.
Recognizing that human error is a big factor, companies are also investing in employee training. Educating the entire workforce, not just the IT department, can improve the detection and reporting of phishing attempts, which strengthens the first line of defense.
Finally, because of the increase in espionage-related attacks, companies must closely examine their third-party networks. Reviewing the security practices of suppliers, academic institutions, and research organizations helps protect sensitive information, especially data linked to national security. Investing in cloud security and secure cloud storage is crucial in this effort to safeguard critical data and maintain robust cloud computing security.
👁 Post Views =2k
Welcome to IT Business Digest, your ultimate source for the latest information technology news and updates. Stay ahead with our in-depth coverage of emerging technologies, industry trends, and expert insights.
Sign up our newsletter to get update information, news and free insight.