A deep dive into cyberattacks in India for 2023

In 2023, India was on the frontline of an ongoing onslaught of cyberattacks. India became the second most targeted country in the world, only surpassed by Taiwan in the Asia Pacific area, with a 15% increase in cyber attack instances over the prior year. Organisations in India experienced 2,138 cyberattacks on average every week, a notable increase over the prior year. This spike in attacks was consistent with a global trend, where businesses face a 1% increase in cyberattacks every week.

Despite intensive attempts to strengthen cybersecurity defences, including a projected $2.65 billion expenditure in 2023, India continues to suffer a barrage of cyber threats. Ransomware has evolved as a powerful tool in cybercriminals’ arsenal, posing a serious risk to important industries and organisations.

Security experts also detected 39 active attacks against India in 2023, all of which originated from state-sponsored threat actors, including China, North Korea, Pakistan, and Russia. This geopolitical dimension of cyber threats highlighted India’s growing global significance, making it an appealing target for enemies seeking to damage strategic interests.

Moreover, phishing attacks, malware infiltrations, and bot attacks targeted vulnerabilities in a variety of businesses, raising worries about data security and integrity.

The impact of these cyberattacks in India was widespread, with different industries suffering the burden of increased vulnerability. While attacks on the education and research sectors decreased by 12%, they remained the primary target for cyber attackers. Retail and wholesale industries saw a troubling 22% increase in attacks, indicating a shift in attacker focus. The healthcare industry, which plays a key role in protecting public health, was especially vulnerable, with a 3% increase in attacks.

Furthermore, internal attacks increased India’s cybersecurity challenges. Reports of government espionage and monitoring stressed the importance of effective security against both external and internal threats. With cyber attacks targeting both public and private companies, the need to strengthen cybersecurity defences cannot be overstated.

 

Top Cyberthreats for India in 2023

1. Ransomware attacks targeting critical sectors and organisations.
2. State-sponsored cyber attacks originating from China, North Korea, Pakistan, and Russia.
3. Phishing attacks aimed at exploiting vulnerabilities in Indian organisations.
4. Malware attacks compromising software and data integrity.
5. Bot attacks, particularly prevalent in healthcare, banking, finance, and insurance sectors.
6. Server-side request forgery (SSRF) attacks detected across various industries.
7. Cross-site scripting (XSS) attacks posing risks to web applications.
8. Distributed denial-of-service (DDoS) attacks targeting Indian websites.
9. Crimeware-as-a-service (CaaS) threats, including SMS spoofing and custom spyware.
10. Supply chain disruptions affecting software infrastructure and industries.

 

Organisations are increasing cybersecurity spending in response to the growing cyberattacks in India.

 

In response to these rising concerns, Indian enterprises have increased their spending on cybersecurity techniques and technologies. AI, machine learning, and automation have emerged as crucial tools, with organisations planning major expenditures in these areas. Furthermore, programs to collect and analyse cybersecurity data have gained traction, enabling proactive risk management and threat mitigation techniques.

India’s expanding digital footprint and growing geopolitical relevance make it vital to strengthen cybersecurity defences. In an increasingly complex cyber landscape, India can better protect its digital assets and strategic interests by implementing a comprehensive strategy that includes proactive defensive measures, threat intelligence, and cross-sector coordination.