After Japan, India saw most cybersecurity attacks in APAC region in 2020: IBM

As businesses continue to grapple with WFH issues amid the new normal, a new survey has revealed that India, after Japan, faced the most number of cyber attacks in the Asia Pacific region in 2020.

According to IBM’s latest security report, titled 2021 X-Force Threat Intelligence Index, India witnessed 7% of all attacks in the region. The report did not specify the numbers for Japan, which topped the list. 

The Asia Pacific region experienced 25% of global attacks, closely following Europe at 31% and North America at 27%.

The findings come from X-Force, IBM’s cloud-based threat intelligence platform, which enables organisations around the world to learn about evolving security threats, the risks associated with them, and how to address them for enhanced cybersecurity. Every year, using the data gathered from providing actionable threat intelligence to customers, X-Force produces the Threat Intelligence Index report to help the world understand how the threat landscape is changing in the cyber world.

The latest report, created using billions of data points collected from X-Force and few other sources throughout last year, showed that most of the attacks against Indian companies took place between May and July 2020, with finance and insurance industries targeted the most. The two sectors faced about 60% of all attacks in the country in 2020. 

They were followed by organisations in the manufacturing and professional services segments. 

On the global scale too, insurance and finance sectors were the worst hit, followed by manufacturing, which took the eighth position in 2019, the report said. 

Ransomware threats on rise

Source: IBM

Ransomware was the biggest threat, making up 40% of all attacks in India, according to the report. Globally, ransomware attacks made up 23% of all security incidents, with just one group -- those behind Sodinokibi ransomware, also known as REvil -- making a profit of at least $123 million from such attacks.

Further, scan-exploit emerged as the top attack vector, leading to 35% of all attacks and surpassing the technique of phishing, which made up 33%. About 8% of all global attacks witnessed throughout the year were carried out by the exploitation of a single vulnerability -- a path traversal Citrix flaw. It left as many as 25,000 servers vulnerable, which contributed to the 233% YoY increase in server access attacks.

Indian companies were hit by cases of server access attacks and digital currency mining, the report said, without providing the exact figures. 

Sudeep Das, security software technical sales leader, IBM technology sales for India/South Asia, said that the company also witnessed instances of cybercriminals using relief efforts and public health information as spam lures as well as targeted attacks on critical components of the vaccine supply chain.

“The 2020 threat landscape in India was largely shaped by the pandemic. As the pandemic’s timeline of events and progress unfolded, so did attack trends shift,” he said, adding that the threats remain the same in 2021. 

Attacks in industries related to Covid-19 response efforts, such as healthcare, manufacturing, and energy, doubled year-on-year, according to the report.

“Organisations need to harden their cloud environments with a zero-trust approach to their security strategy and leverage AI to monitor, detect and contextualize dynamic behaviours and movements across hybrid cloud environments, to verify the legitimacy (or lack of) of a threat and automate a response,” Das said.

Using confidential computing to encrypt data during processing and ensuring a higher level of security will help, he added.