There is a cybersecurity alarm in the country: there has been a surge of 40% in incidents, in contrast with the global trend of the last five years. Cybercrime continues to be one of the most worrying threats, with the government, manufacturing, finance, and insurance sectors targeted. The results of the six-monthly update of the Clusit 2023 Report
Cyberattacks will increase in the first half of 2023, with 1,382 incidents recorded worldwide. However, while a slowdown in growth is observed globally – which stands at 11% (21% in 2022), just above the year-on-year trend recorded in the last five years – the situation appears much more worrying in India. There has been a surge of 40% in the country, well above the average.
This emerged from the presentation of the Clusit Report, the Italian Association for IT Security, during the Security Summit Streaming Edition, which took place recently. If we consider the period from 2018 to the first half of 2023, cyber-attacks have increased by 61.5% globally, while in India, the total growth is even 300%. Over the five years, 505 severe attacks were recorded in Italy, of which 132 (26%) occurred in the first half of 2023. April was the month that recorded the peak, with 262 reported incidents.
«If in the context of international tensions and a high-intensity conflict fought on the borders of Europe, at the end of 2022 India also clearly appeared in the crosshairs for the first time, in 2023 the trend was decidedly consolidated – he clarified Gabriele Faggioli, President of Clusit, commenting on the data – Considering that India represents 2% of the world GDP and 0.7% of the population, this data certainly gives pause for thought.”
America remains the geographical area most affected by cyber attacks, recording 46.5% of the total incidents. However, Europe remains involved in over 1/5 of global breaches during the first six months of 2023, maintaining the same percentage as the previous year.
Targets Of Cyber Attacks In 2023, In India And Around The World
The targets of attacks worldwide and in India reflect an evolving trend. Globally, cybercrime accounts for 84% of attacks, with over 1,160 cases recorded in the first half of 2023. This marks a return to growth after a brief dip in 2022, likely attributable to increased ransomware attacks and related economic fallout. In India, 69% of attacks are still attributable to cybercrime, but with a significant reduction compared to the 93.1% recorded in 2022.
However, Clusit experts underline that the number of attacks continues to grow steadily, with 91 incidents detected in the first six months of 2023. Cybercrime continues to be one of the most worrying threats, at least due to the volume it generates in full-blown incidents severe enough to be reported through the media. Although it recorded a slight decrease in 2022, it rose again in 2023 – Information & Cyber Security Advisor at Clusit -.
Thinking about the companies that make up the Indian market, cybercrime is classified as one of the most relevant phenomena to be taken into consideration and addressed precisely because, if we stick to a definition of risk calculated as the probability per impact, we understand well that the likelihood of becoming a victim at this moment is very high.”
A relevant aspect is the 30% increase in attacks classified as “Hacktivism” in India in the first half of 2023, representing a much higher share than the global average of 6.9% in 2022. There is, however, a widespread tendency to link these attacks to the geopolitical situation, with particular reference to the conflict in Ukraine and the campaigns of activist groups against India and other pro-Ukrainian nations.
Never before have technology, the digital world and cybersecurity played an essential role in the geopolitical context, and it is no coincidence that both in the Russian-Ukrainian conflict and the Israeli-Palestinian battle, cyber-attacks have always accompanied conventional wars on critical infrastructures to put operators of essential services out of action – added Carlo Mauceli, National Digital Officer of Microsoft India -. And the groups that operate in this context are the same groups that then work at company level.”
Who Are The Victims
In an increasingly complex global landscape plagued by cyber incidents, a detailed picture emerges of the distribution of attacks across different areas and sectors. 20% of global attacks were aimed at so-called “Multiple Targets,” i.e., targets belonging to other industries, hit simultaneously to maximize the number of victims in the shortest possible time.
This approach focuses on dispersing attacks across multiple targets, translating into an aggressive tactic to achieve large-scale impacts. Shifting the focus to individual sectors, it emerges that the Healthcare sector, with 14.5% of incidents, was one of the most frequent targets, followed by the Government/Military/Law Enforcement sector (11.7%).
Other sectors under attack include ICT, with 11.4%; financial/insurance, with 10.5%; and education, with 7.1% of global attacks. This variety of “under siege” industries highlights the need for a cybersecurity approach that is robust and adaptable, capable of addressing each industry’s specific challenges.
And To India?
In India, in the first half of 2023, the most significant number of attacks were aimed at organizations in the “Government” sector (23% of the total), followed closely by the “Manufacturing” sector (17%). It is worth highlighting that attacks on the manufacturing sector in India represent 34% of the total attacks of this type globally.
The Financial/Insurance sector saw the most significant increase in severe attacks in India, with 9% of attacks (compared to 3.7% in 2022). The number of attacks against victims in this sector exceeded the total number of attacks in 2022 in the first half of 2023.
On the other hand, the Healthcare sector in India maintains a constant position among the targets, in contrast to the global situation, where the healthcare sector is the most affected. Fortunately, the growth of attacks on this sector has been halted in India. However, in absolute terms, with the overall increase in attacks in the first half of 2023, the Indian health sector also recorded a 33% increase compared to the previous year.
The Attack Techniques, The Malware At The Top Of The Ranking
But what were the most successful techniques? According to the report, the cyberattack landscape continues to evolve, with an increase in unknown techniques and vulnerabilities. In the first half of 2023, more than 35% of attacks were successful thanks to malware, although there was a slight decline compared to the previous year. In second place, with 21% of attacks, are the unknown techniques, defined in the “Unknown” category.
Furthermore, almost 17% of attacks worldwide were carried out in the first half of the year by exploiting vulnerabilities. This category recorded a growth of 4.8 percentage points and Phishing/Social Engineering, which decreased by 3.4 percentage points compared to 2022.
In parallel with the increase in hacktivism and information warfare, DDoS attacks (an acronym for Distributed Denial of Service) – which aim to overload the resources of an online service to make it inaccessible or unusable – have recorded a growth of 3 8%, while Those of the “Identity. The ” theft/Account Hacking” type increased by 0.3%.
In India, malware and ransomware remain criminals’ primary attack techniques, but to a lesser extent than in 2022. The share of attacks of this type stands at 31%, four percentage points less than the global figure and much less consistent than the previous year when it was 53%. However, DDoS attacks are recording more than significant growth in our country; their incidence has gone from 4% in 2022 to 30% in the first half of 2023, representing a share five times higher.
It is, therefore, no coincidence that Indian victims suffered a more significant number of DDoS attacks, representing approximately 37% of the total recorded in the global sample. The number of phishing and social engineering attacks is also growing, with a more significant impact in Italy than in the rest of the world (14% vs 8.6%).
«For the first time since the ransomware phenomenon exploded – stated Paolo Giudice, General Secretary of Clusit – we are witnessing a significant change in the methods and objectives pursued by attackers, who evidently manage to achieve their goals more effectively by using different techniques.
This growth is indicative of a strong need for awareness and an increase in awareness of cyber threats among users who deal with IT systems on a daily basis. These are attacks that can cause economic damage to the victims who suffer them, as well as having a significant effect in terms of reputation, as they are often carried out with a purely demonstrative purpose.”
This correlation between the increase in DDoS attacks and the growth in hacktivism incidents highlights how this technique is used to disrupt the activities of a company or institution to attract media attention to a political or social cause and highlight their defensive vulnerability.
From the severity point of view, India presented a more positive picture in the first half of 2023 than the global data. “Critical” type incidents represent 20% (compared to 40% globally), while the majority of attacks fall into the “High” (48% in India compared to 38% global) and “Medium” (30% in India ) categories. Compared to 21% globally). There are also 2% of incidents with low criticality.