India one of the most affected countries by cyberattacks in APAC: Report

India has been one of the most impacted regions in Asia-Pacific, in terms of cyber security incidents, according to a new survey. The survey revealed that in 2021 itself, the country has witnessed an incessant rise in the number of cyber-attacks, especially in sectors such as construction, energy, transportation, retail, and mining. 

In its first Annual Report CyberRes, that specialises in cyber security and business resilience and is part of the UK-based a Micro Focus line of business, also said that the Air India data breach via SITA attack and the targeting of the India power sector by RedEcho have been listed under the most impactful cyber events of 2021 in Asia.

One-fifth of the total cyberattacks conducted in the region in 2021 were against Japanese entities (19.8%). India (14.3%), South Korea (11%), and Taiwan (9.9%) were among the countries affected most by cyberattacks in the Asia-Pacific region. Approximately 33% of the total cyberattacks conducted in the APAC region were meant for cyber espionage, followed by financial gain.

Globally, approximately 19.3% of the cyberattacks were ransomware. The services sector was most targeted globally, with 33.7% of cyberattacks, followed by the public sector (21.4%). There was a 200% growth in cyberattacks targeting the financial sector.

Also read: Firms increasingly vulnerable to supply chain attacks, says study

North America topped the list of most impacted regions, experiencing 33.5% of the total cyber issues reported, followed by Asia-Pacific at 23.5% and Europe at 20%. Almost 69% of the cyberattacks in North America were motivated by financial gain. Germany (21.6%) and France (18.3%) were the two countries affected most by cyberattacks in Europe.

In Latin America, LockBit ransomware accounted for 28.3% the region’s total ransomware attacks, followed by Prometheus ransomware with a share of 13%.

In the Middle East and Africa, 31% of the geopolitical and cybersecurity events were motivated by financial gain and political advantage. The telecommunication and technology sectors experienced the most cyberattacks in the Australia-New Zealand region with 35.7%, followed by financial services at 18.5% and the healthcare sector at 11.4%.

“Everyone is at risk from feeling direct or indirect impacts from cyberattacks, as all records were smashed last year in terms of the sheer number of cyberattacks on government entities, private-sector organisations, and individuals,” said Mark Fernandes, Global CTO at CyberRes.

“Unfortunately, this trend is continuing in 2022. One of the key effective defences is to maintain a clear understanding of the current landscape, tactics, and threats that could be emerging.”

CyberRes is not the only security provider highlighting cybersecurity threats in the region. According to the Verizon Business 2022 Data Breach Investigations Report published in May, there has been an alarming rise in ransomware breaches globally, including India, which increased by 13% in the past one year, representing a jump greater than the past five years combined. Anshuman Sharma, Head Investigative Response, APJ at Verizon mentioned that “the continued explosion of connected devices and widespread digitisation in multiple sectors has increased the likelihood of cyberattacks in India and elsewhere”.

Besides, India is the also the most affected country in the entire world when it comes to cyber scams, with almost 31% of the victim's losing money, according to a 2021 Microsoft’s Global Tech Support Scam Research, which pointed out that seven out of 10 Indian consumers have faced tech support related scams. These are a cause for concern as the study recommends government and private entities to adopt an integrated security approach, foster cybersecurity skilling, and strengthen collaboration between the public and private sectors for analysis and sharing of threat intelligence would be foundational to defend India from these largescale cyber threats.

The CyberRes report further predicted that in the future, Indian cyberspace is likely to see a lot of digital-native, cloud-native, and AI-native platforms, which could become easy targets unless cybersecurity controls are embedded. It said, the India government’s national cybersecurity strategy along with a national threat intelligence exchange platform, enabling the government can be useful for managing all the intelligence sources in one place and distribute them to the concerned bodies.