The recent surge in technological innovations due to the Indian Government’s “Make in India” and “Atmanirbhar Bharat” (self-reliant India) campaigns along with a shift towards digital transformation due to the ongoing COVID-19 pandemic meant that a parallel surge in the number of cyberattacks was anticipated. However, the spike would be so high that India would grab the second spot in the list of “Most cyberattacked country in the APAC” was beyond expectation. IBM Security released a report titled the 2021 X-Force Threat Intelligence Index, which made the following key revelations highlighting the threat landscape in India:
- India was the second most cyberattacked country in the APAC, only behind Japan.
- 7% of all attacks, which X-Force (IBM’s proprietary security product) observed in Asia, were targeted towards India.
- Finance and insurance industries were the most targeted industries (60%), closely followed by manufacturing and professional services.
- Ransomware topped the attack type list in India, making up roughly 40% of the attacks.
- India has been considering a digital currency of its own for some time now, however, X-Force observed that digital currency mining and server access attacks hit many Indian companies last year.
- In 2020, most of the attacks on Indian companies occurred between May to July.
Talking about the findings from the study, Sudeep Das, Security Software Technical Sales Leader, IBM Technology Sales, India/South Asia, said “The 2020 threat landscape in India was largely shaped by the pandemic. As the pandemic’s timeline of events and progress unfolded, so did the attack trends. Ransomware was the top attack type in India with a 40% share in the overall threat landscape which although is not surprising yet, beyond expectation. We also witnessed cybercriminals using relief efforts and public health information as spam lures including targeted attacks on critical components of the vaccine supply chain.”
When asked what Indian organizations expect in 2021 and how they can overcome threats, Das added, “All these issues will remain in 2021 as well. Hence, organizations need to harden their cloud environments with a zero-trust approach to their security strategy and leverage AI to monitor, detect and contextualize dynamic behaviors and movements across hybrid cloud environments, to verify the legitimacy (or lack of) of a threat and automate a response.
Furthermore, we need to use Confidential Computing for a higher level of isolation for secure enclaves of data. It encrypts data during processing, whereas before, data had to be decrypted just before being processed, leaving it potentially vulnerable. In other words, even if cloud environments are compromised, the data would be futile/inaccessible to a malicious actor with technologies like Confidential Computing.”
The findings in this report are based on data analyzed from multiple sources within IBM, including IBM Security X-Force Threat Intelligence and Incident Response, X-Force Red, IBM Managed Security Services and additional data provided by Quad9 and Intezer. Some of the key findings from the global level analysis include:
- Accelerated use of Linux Malware: An increase of 40% in Linux-related malware families was observed in 2020.
- Shift in Top Spoofed Brands: Amid a year of social distancing and remote work, brands offering collaboration tools such as Google, Dropbox, and Microsoft, or online shopping brands such as Amazon and PayPal, made the top 10 spoofed brands in 2020. Adidas was another surprising entrant to this list at the No.7 spot.
- Ransomware became a profitable business model: Ransomware was the cause of nearly one in four attacks that IBM’s X-Force responded to in 2020. The majority of them exercised double extortion tactics. Using this model, X-Force found that Sodinokibi operators – the most observed ransomware group in 2020 – had a very profitable year. The report estimates that the group made over $123 million in the past year, with approximately two-thirds of its victims paying a ransom.
To download the complete report, click here.