Cybercrime and cyber conflict: India

Main article: Cybercrime in the world

2024: In India, half of cyber attacks are in the public sector and industry

Experts Positive Technologies found that India 80% of all cyber attacks are directed to organizations, with 36% of them accounted for, 13 public sector% - for. The industry company announced this on October 22, 2024. The company's report also notes an increase in the share of cyber attacks on service companies, and. medicine IT

Due to the growing level of digitalization and the volume of investments in IT and artificial intelligence technologies, India's information infrastructure has increasingly attracted cybercriminals. As noted in the study, in 2023 the number of cyber attacks in the country increased by 15% compared to the previous year, and in the second quarter of 2024 the growth reached 46% compared to the same period a year ago, while in the world this figure was 30%.

In most cases (70%), attacks on organizations ended with the theft of confidential data, among which 40% were personal information, and 20% were trade secrets. The situation is similar with individuals: 62% of successful incidents led to data leaks. Most often, attackers gained access to personal information and correspondence (24% each), as well as payment information (19%).

Cybercriminals mainly aimed at such significant industries as the public sector and industry, trying to take possession of large volumes of confidential information. Attacks on government organizations most often used malware (37%) and social engineering methods (33%), often cybercriminals combined these tools. Experts note that more than half (56%) of cyber attacks on the public sector were carried out by APT groups. In incidents directed against industrial companies, on the contrary, social engineering methods prevailed (40%), in second place - HPE (30%). This correlates with the analysis of attack objects: in 45% of cases, people became victims, in 36% - computers, servers and network equipment.

Among other goals, attackers equally often attacked organizations from the service sector, IT and medicine (9% each), and this distribution is specific to India, which is in the active stage of digital transformation, said Darya Lavrova, an analyst at Positive Technologies. - It is noteworthy that in the case of IT companies, attackers rarely used social engineering methods. In every second incident in this area, accounts were compromised in order to use the hacked infrastructure as an intermediate link for further attacks. Two more trends characteristic of India: attackers in 43% of cases aimed at medium and small IT companies that do not have enough resources to provide information security, and often attacked cloud solutions.

Like around the world, malware is the most popular method of cyber attacks on Indian organizations. In 2024, the share of incidents involving the use of HPE in the country increased by 11%, and the use of ransomware increased by 22%. As Positive Technologies experts found out, this type of malware was used in 33% of attacks on companies using HPW, but spyware turned out to be the most in demand (38%). Most often, malware was distributed through phishing emails (64%).

Taking into account the specifics of cyber threats for India, experts recommend that organizations adhere to the concept of effective cybersecurity, in which special attention is paid to the training of highly qualified specialists in the field of information security. Practical-oriented programs that take into account the landscape of modern cyber threats and allow you to exchange experience with other countries will help with this.