Single Indian organisation facing 2,152 cyber attacks, 20% up year-on-year

n H1 2023, 48 ransomware groups breached over 2,200 victims, with Lockbit3 being the most active, reporting a 20 per cent increase in victims compared to H1 2022.

New Delhi: The average number of attacks per organisation in India reached 2,152 attacks in the first half of 2023, reflecting a significant increase of 20 per cent (year-on-year), a report showed on Friday.

In H1 2023, 48 ransomware groups breached over 2,200 victims, with Lockbit3 being the most active, reporting a 20 per cent increase in victims compared to H1 2022.

The emergence of new groups like Royal and Play is associated with the termination of Hive and Conti Ransomware-as-a-Service (RaaS) groups, reports Check Point Research.

“Criminal activities have continued to rise in the first half of the year, with an 8 per cent surge in global weekly cyberattacks in the second quarter marking the highest volume in two years,” Maya Horowitz, VP Research at Check Point Software.

“Even legacy technology such as USB storage devices, which have long been gathering dust in desk drawers, have gained popularity as a malware messenger.” Horowitz added.

In terms of geography, 45 per cent of victims are in the US, with an unexpected rise in Russian entities due to the novel actor “MalasLocker”, which substitutes ransom demands with charitable donations.

The manufacturing and retail sectors have seen the most victims, suggesting a shift in ransomware attack strategy.

“Ransomware groups have stepped up their game, exploiting vulnerabilities in commonly used corporate software and shifting their approach from data encryption to data theft,” the report mentioned.

USB devices have resurfaced as significant threats, with both state-affiliated groups and cybercriminals deploying USB drives as vectors for infecting organisations globally.

“Hacktivism has seen a rise, with politically motivated groups launching attacks on selected targets,” the findings showed.

Artificial Intelligence misuse has amplified, with generative AI tools being used to craft phishing emails, keystroke monitoring malware, and basic ransomware code, calling for stronger regulatory measures, according to the report.

Back to top button