91% of Indian organizations experienced ransomware attacks last year, finds CyberArk survey

16th June 2023
91% of Indian organizations experienced ransomware attacks last year, finds CyberArk survey

Mumbai,  June 16, 2023:  A new global report released today by CyberArk show  how the tension between difficult economic conditions and the pace of technology innovation, including the evolution of artificial intelligence (AI), is influencing the growth of identity-led cybersecurity exposure.
The CyberArk 2023 Identity Security Threat Landscape Report details how these issues have the potential to result in a compounding of ‘cyber debt’: where investment in digital and cloud initiatives outpaces cybersecurity spend, creating a rapidly expanding and unsecured identity-centric attack surface. 
In 2022, organisations experienced growing cyber debt, where security spend over the pandemic period lagged investment in broader digital business initiatives. In 2023, levels of cyber debt are at risk of compounding, driven by an economic squeeze, elevated levels of staff turnover, a consumer spend downturn and an uncertain global environment. With investment in digital and cloud initiatives still ongoing as business leaders seek to unlock greater efficiencies and innovation, these factors have had knock-on effects to cybersecurity. 
-All (100%) India organisations expect identity-related compromise this year, stemming from economic-driven cutbacks, geopolitical factors, cloud adoption and hybrid working. A majority (84%) say this will happen as part of a digital transformation initiative such as cloud adoption or legacy app migration.  
-Fueling a new wave of insider threat concerns from – for example - disgruntled ex-staffers or exploitable leftover credentials, 80% of organizations expect employee churn-driven cyber issues in 2023.  
Report findings reveal upcoming areas of identity and cybersecurity concern this year. 

  • 61% of security professionals surveyed expect AI-enabled threats to affect their organization in 2023, with AI-powered malware cited as the #1 concern.  
  • More than nine in 10 (91% - up from 70% in our 2022 report) of the organizations surveyed experienced ransomware attacks in the past year, and 55% of affected organisations reported paying-up twice or more to allow recovery, signaling that they were likely victims of double extortion campaigns. 
  • 92% of Indian organisations feel code/ malware injection into their software supply chain is one of the biggest security threats their organisations face. 

 Expanded Identity-Centric Attack Surface  
Identities – both human and machine - are at the heart of all, or nearly all, attacks. Three-fourths of identities in Indian organisations require sensitive access to perform their roles and are a favored attack vector as a result. The report found that critical areas of the IT environment are inadequately protected and identifies the identity types that represent significant risk.  

  • 75% say highest-sensitivity employee access is not adequately secured and India ranks higher in numbers of machines that have sensitive access than humans as compared to global findings (42% vs. 38%).  
  • Credential access remains the #1 risk for respondents (cited by 45%), followed by defense evasion (34%), execution (34%), initial access (31%) and privilege escalation (26%). 
  • Business critical applications e.g., revenue-generating customer-facing applications, enterprise resource planning (ERP) and financial management software – were named as the area of greatest risk due to the unknown and unmanaged identities that access them (53%). However, 70% have identity security controls in place to secure business-critical apps.  
  • Third parties – partners, consultants and services providers – cited as #1 riskiest human identity type (44%). 

“The organizational desire to drive ever-greater business efficiencies and innovation remains undiminished, even as cutbacks in staffing and macro-economic forces are creating significant pressures,” said Matt Cohen, chief executive officer, CyberArk. “Business transformation, driven by digital and cloud initiatives, continues to result in a surge in new enterprise identities. While attackers are constantly innovating, compromising identities remains the most effective way to circumvent cyber defenses and access sensitive data and assets. Such profound risk puts the issue of “who and what to trust” at the forefront of efforts to prevent cyber debt from compounding, and to build long-term cyber resilience.” 
“New environments create new identities and, consequently, compromising identities will remain the most preferred method for attackers to evade cyber defences and gain access to critical data and assets,” said Rohan Vaidya, regional director, India & SAARC, CyberArk. “The identity-centric attack surface is one that is a priority to secure. To be best positioned to weather the current storm, organisations must adopt a risk-based strategy to secure critical assets, and initiate programmes to consolidate operations on a smaller set of trusted partners and solutions to build resilience.”   
Download the full report here ( registration required)
Report highlights in pictures... see Image of the Day