India among top 3 most affected countries in APAC by cyber-attacks: Report
India is one of the top three targeted countries in Asia Pacific (APAC) after North Korea and Taiwan by nation-state actors, according to a new report published by Microsoft on Friday. Additionally, India has also begun advancing cyber incident reporting requirements in the last 12 months, the study said.
While the US, Ukraine, and Israel continue to be most heavily attacked, in APAC, India stands at 13% in the region in terms of cyber-attacks after Korea (17%) and Taiwan (15%), the study showed.
The research also indicated that globally organizations saw human-operated ransomware attacks increase 195% since September 2022. These attacks are generally a “hands on keyboard” type of attack rather than an automated one, typically targeting a whole organization with customized ransom demands.
Attackers are also evolving attacks to minimize their footprint, with 60% using remote encryption, thereby rendering process-based remediation ineffective.
Furthermore, Ransomware operators are increasingly exploiting vulnerabilities in less common software, making it more difficult to predict and defend against attacks.
Password-based and Multi Factor Authentication (MFA) fatigue attacks have also surged this year. MFA fatigue attack, also known as MFA bombing, is a social engineering attack where attackers constantly push MFA authentication requests to the victim. For example, in this type of attack, the threat actor convince an employees they were from their IT department. After continuous attempts to get the users to approve a login request, Uber employees were eventually either worn down or tricked into approving.
Microsoft has observed approximately 6,000 MFA fatigue attempts per day over the last year.
Additionally, the first quarter of 2023 saw a dramatic tenfold surge in password-based attacks against cloud identities, especially in the education sector, from around 3 billion per month to over 30 billion — an average of 4,000 password attacks per second targeting Microsoft cloud identities this year.
Globally, the study found that attackers are increasingly using AI as a weapon to refine phishing messages and improve influence operations with synthetic imagery.
However, the researchers see AI as a double-edged sword which is used for successful defense, automating and augmenting aspects of cybersecurity such as threat detection, response, analysis, and prediction. For example, the
AI-powered cyber-defense reversing the tide of cyber-attacks; in Ukraine, for example, AI has helped defend against Russia.
Criminals are also looking to increase their anonymity and effectiveness, by using remote encryption to cover their traces more effectively as well as cloud-based tools such as virtual machines, it said.
To be sure, a report published last week by the Indian Future Foundation, a research firm that works on digital, Internet policies and related issues, said, globally, India ranks among the top 10 nations that witnessed the most cyber-attacks which should sound off alarms across the country. As per the report, a majority of the attacks are observed in data centres/IT/ITeS sector, followed by manufacturing, finance sectors, oil and gas, transport and power.