India witnessed a 133% rise in ransomware attacks and a 311% increase in Internet-of-Things attacks, according to the 2023 Mid-Year Cyber Threat Report by SonicWall, publisher of cyberattack intelligence and ransomware data.
The biannual report shows evolving tactics from digital threat actors as they choose malicious attacks different from those used in the years past.
Overall intrusion attempts rose, led by the highest year on record for global cryptojacking volume recorded by SonicWall, as threat actors shifted from traditional ransomware attacks to stealthier ones. Data suggests that increased law enforcement activity, heavy sanctions and victims' refusal to pay ransom demands have altered criminal conduct and threat actors are targeting other means of revenue.
"While India saw a lesser rise in crypto attacks, there has been a huge rise in ransomware and IoT attacks overall," Debasish Mukherjee, vice president, regional sales, Asia-Pacific and Japan, SonicWall, said. "These rises in cyberattacks pose great risks to India's economic ambitions, with industries from manufacturing to pharmaceuticals becoming more vulnerable as they continue to digitise operations."
"Threat actors are relentless, and our data indicates they are more opportunistic than ever, targeting schools, state and local governments, and retail organisations at unprecedented rates," SonicWall CEO Bob VanKirk said.
Rise Of Cryptojacking
The report shows that cybercriminals are diversifying their skillsets to attack critical infrastructure, forcing organisations to reconsider their security needs. Although there was a 41% decline in global ransomware attempts, a variety of other attacks have sprung up globally, including cryptojacking by 399%, IoT malware by 37% and encrypted threats by 22%.
"Bad actors are pivoting to lower cost, less risky attack methods with potentially high returns, like cryptojacking," said Bobby Cornwell, vice president of product security, SonicWall. It also explains the reason we're seeing higher levels of cybercrime in regions like Latin America and Asia. Hackers search for the weakest points of entry, with the lightest possible repercussions, Cornwell said.
Prominent attacks continued to plague enterprises, cities, airlines and even K-12 schools, causing widespread system downtime, economic loss and reputational damage, the report shows. Several industries saw a huge growth in cryptojacking attacks: education up by 320 times, government by 89 times and healthcare by 69 times.
Diversified Cyberattack Strategies
The report offers insight on a range of cyber threats, including:
Malware: Total global malware volume dipped slightly (2%) in the first half of 2023, with the US and the UK logging the biggest dips of 14% and 7% respectively. Europe saw an 11% increase, while Latin America witnessed a 19% jump, suggesting a geo-migration of threat actor behaviour from traditional hotspots to opportunistic locations.
Ransomware: Although overall ransomware numbers declined 41% globally, they spiked 73.7% in Q2 when compared to Q1.
IoT Malware: Global volume rose by 37%, totalling almost 78 million hits by the end of June. With the increase in the number of connected devices, bad actors are targeting weak points of entry as potential attack vectors.
Encrypted Threats: Another approach taken by bad actors in the last six months was encrypted threats, which climbed 22% globally.
Never-Before-Seen Malware Variants
A total of 1,72,146 never-seen-before malware variants were identified in the first half of 2023, which is down by 36% year-over-year, suggesting that bad actors are spending less time on research and development and more on volume-based attacks, according to SonicWall.
Despite the dip in never-before-seen malware variants, the threat landscape remains complex, with almost 1,000 strains of new variants discovered each day.
“BQ Prime Exclusive Users”
this article for
FREE stories limit