Trend Micro Incorporated recently unveiled its highly anticipated Stepping Ahead of Risk: Trend Micro 2023 Midyear Cybersecurity Threat Report, shedding light on critical insights within the cybersecurity landscape.
India’s cybersecurity landscape is undergoing a profound transformation, marked by a significant uptick in ransomware and malware threats. In the first half of 2023, sectors vital to the nation’s economy, including Banking, Manufacturing, and Government, found themselves on high alert as they grappled with a growing wave of cyber challenges. The report highlights these pressing concerns, urging organizations to fortify their defenses and adopt proactive cybersecurity measures to safeguard against evolving cyber threats.
Ransomware and Malware Surge in India:
India’s cybersecurity landscape is under siege as ransomware and malware threats reach alarming heights, prompting an urgent call for robust defense strategies. Ransomware attacks surged, with a staggering 1,24,209 threats detected. These attacks targeted various sectors, with Banking, Manufacturing, and Retail industries reporting the highest number of incidents. Notable ransomware families such as StopCrypt, LOCKBIT, and BLACKCAT wreaked havoc in the Indian cybersecurity landscape. In January this year, Mimic, a new ransomware group that abuses legitimate search tools, was also discovered. Mimic’s code is very similar to the 2022 Conti ransomware code, and it mainly targets Russian- and English-speaking users.
Simultaneously, malware incidents were on the rise. India ranked among the top five countries globally for malware detections, accounting for 5.5% of all threats. Online banking malware detection in India ranked 4th globally at 8.2% of all global threats in the first half of 2023. Manufacturing, Government, and Banking industries in India were the hardest hit, with malware families like COINMINER, MIMIKATZ, and POWLOAD posing significant risks.
Vijendra Katiyar, Country Manager for India & SAARC at Trend Micro, said, “India is at a crossroads in cybersecurity. As cybercriminals become more sophisticated, our digital defenses are constantly being challenged. The rise of ransomware and malware attacks has had a significant impact on key sectors of our economy. To stay ahead of the curve, organizations need to be proactive in anticipating threats and bolstering their defenses with a unified cybersecurity platform.”
Key insights from the report pertaining to India:
- India is amongst the top three countries with the highest detections of risk events in the first half of 2023, after the US and Brazil.
- India ranks 4th globally in online banking malware detection, accounting for a concerning 8.2% of all global threats. In the first half of 2023 alone, a substantial 5,609 online malware threats were identified, revealing a worrisome cybersecurity scenario.
- The government sector faced 18,862 malware attacks, while the banking sector faced 15,514 malware attacks.
- Spam attachments spiked significantly in June, with 3.9 million detections, a 1242% increase from the start of the year. PDFs emerged as the most commonly used spam attachment file type.
Trend Micro’s report also provides a set of potential actions to prepare for these scenarios, including:
1. Organizations need to shift left — putting into place all possible measures to prevent threats from entering networks — to anticipate ransomware attacks that could lead to extortion after cybercriminals gain access and steal data.
2. Investments in XDR and response would mean ample data, analytics, and integrations that security teams and researchers can use to monitor and investigate threat activity, as well as gain insights into how well their defenses are tackling such threats.
3. It is of utmost importance for enterprises to shift from a product approach to a platform approach now: from individual security tools to a cybersecurity platform that provides ecosystem integration, rather than letting each security tool work in silos.
4. Companies investing in AI should keep in mind that the AI capabilities they harness to streamline operations also have legitimate security purposes. They can use these capabilities to combat criminals abusing the same technologies.