Cyber Security: Tackling the invisible enemy

By Karmendra Kohli, CEO & Director,  SecurEyes
December 19, 2023: The cybersecurity landscape in India is growing increasingly dangerous, with the nation poised to break records for ransomware incidents in 2023. All mid-year cyber threat reports indicate that India is at a cybersecurity crossroads. The 2023 Mid-Year Cyber Threat Report by SonicWall revealed that India has already experienced a staggering 133% surge in ransomware attacks and a 311% upswing in Internet-of-Things (IoT) attacks. While Trend Micro report has placed India within the top five countries globally in terms of malware detections in the first half of the year. Additionally, India ranks fourth worldwide in the detection of online banking malware, constituting a worrisome 8.2% of all global threats. The report also highlights India as one of the top three regions with the highest number of risk events detected in the first half of 2023, trailing only behind the United States and Brazil.
Cybercriminals continually evolving and enhancing their skill sets, thereby posing significant challenges to digital defences. These adversaries are targeting critical infrastructure, intensifying the complexity of the threat landscape and compelling organizations to reassess their security requirements. Recent ransomware incidents, such as the April 2023 attack on Fullerton India, a non-banking financial company targeted by the sophisticated Lockbit 3.0 ransomware group with hefty ransom demands, serve as prominent examples of these emerging trends.
Another notable incident occurred in September 2023 when DarkBeam, a digital risk protection company, exposed 3.8 billion records due to a misconfigured Elasticsearch and Kibana interface. These developments underscore the evolving tactics employed by cybercriminals.
The rising tide of cyberattacks poses substantial risks to India's economic aspirations, particularly as various industries, from manufacturing to pharmaceuticals. Threat actors have become more opportunistic than ever, targeting institutions such as schools, state and local governments, and retail organizations at unprecedented rates. Prominent attacks continue to disrupt enterprises, cities, airlines, and educational institutions, resulting in widespread system downtime, economic losses, and damage to reputations.
AI-Powered Malware Top Concer
According to the ‘CyberArk 2023 Identity Security Threat Landscape Report’, an overwhelming 91% of Indian organizations reported experiencing ransomware attacks over the past year. The survey delves into the impact of challenging economic conditions and the rapid advancements in technology, including the evolution of artificial intelligence (AI), on the expansion of identity-focused cybersecurity vulnerabilities. It highlights that 61% of security professionals who participated in the survey anticipate that AI-driven threats will impact their organizations in the coming year, with AI-powered malware identified as the primary apprehension.
The most recent Digital Defence Report for 2023 by Microsoft also highlights the growing utilization of artificial intelligence in crafting new security threats. Interestingly, AI plays a dual role, aiding defenders in their efforts to safeguard against these evolving threats. The report underscores a significant 200% rise in human-operated ransomware attacks since September 2022. These attacks are characterized by a "hands-on keyboard" approach rather than automated methods, and they typically target entire organizations, often accompanied by customized ransom demands
Ransomware operators are increasingly capitalizing on vulnerabilities in less commonly used software, making it more challenging to anticipate and defend against these assaults. Notably, the report identifies a substantial uptick in attacks focused on passwords and Multi-Factor Authentication (MFA) fatigue during the year. While deploying MFA remains one of the simplest and most effective defence strategies that organizations can employ, reducing the risk of compromise by 99.2%, threat actors are exploiting 'MFA fatigue' by bombarding users with a barrage of MFA notifications, hoping to gain access ultimately
Need of Robust Cybersecurity Measure
Cybersecurity measures are designed to protect digital systems, networks, and data from unauthorised access, disruption, and damage. Their significance lies in their ability to defend against cyber threats like hacking, malware, phishing, and ransomware attacks. These measures are essential for preventing data breaches and ensuring the integrity, availability, and confidentiality of sensitive information. Implementing robust cybersecurity measures is imperative to mitigate these risks effectively.
Cybersecurity measures are typically implemented through a combination of technical controls, policies, procedures, and organisational practices. These measures are often industry-specific and may vary depending on the nature of the data and the level of risk involved. By mandating cybersecurity controls within the recently enacted Digital Personal Data Protection Law 2023, the government has fostered a secure environment where personal data is shielded from malicious actors. Organisations may adopt recognised frameworks like the NIST Cybersecurity Framework or ISO 27001 to establish robust cybersecurity controls.
While the new law represents a significant milestone, given the dynamic nature of cybersecurity threats, continuous collaboration and knowledge sharing among industry stakeholders, government agencies, and cybersecurity experts are crucial. The new law should foster an ecosystem that promotes information exchange, best practices, and capacity-building initiatives. Such collaborations can strengthen cybersecurity capabilities across sectors, enhancing the overall resilience of India's digital infrastructure
Cyber threats are a persistent reality that cannot be ignored. Numerous adaptable threat actors continually seek to exploit weaknesses or vulnerabilities for illicit purposes. The existing threats are increasingly perilous, and new threats are looming on the horizon. Considering these aspects, organisations must constantly adapt optimal operational and cyber resilience frameworks. This adaptation should occur individually and collectively, achieved through rigorous regulation, enforcement, and prosecution. Moreover, future cooperation between public and private institutions will play a pivotal role in combating cyber threats. Regulators and authorities must actively encourage and ensure the resilience and preparedness of banks in the face of such threats.
(The author is the CEO & Director,  SecurEyes, a pure-play cybersecurity consulting, services, and products company that also provides cybersecurity training and education.)