Cyberattacks targeting India-based organizations continue to double year-over-year, a rate far higher than the global average, highlighting the rapidly rising risk facing companies and government agencies in South Asia.
Overall, organizations in India encountered nearly 1.2 billion attacks in the third quarter of 2024, up from about 600 million in the same quarter in 2023, according to a quarterly report published by Indusface, a managed application security provider. Some 377 million denial-of-service (DoS) events and 215 million bot-based requests targeted API services and Web servers utilizing the firm’s Web application and API protection (WAAP) service.
While attackers typically have used denial-of-service (DoS) attacks powered by bots against businesses, they are evolving, Ashish Tandon, founder and CEO of Indusface, said in a statement to Dark Reading.
Attackers are now focusing “on exploiting websites and APIs using diverse attack vectors,” he said. “The rise of large language models (LLMs) has significantly lowered the barrier for executing vulnerability attacks, as reflected in our data, which shows triple-digit growth in such incidents.”
The third-largest economy in Asia, India saw 5.4% growth overall in the third quarter, which is driving attackers to more often target Indian organizations — 44% of businesses have suffered a data breach costing at least $500,000 in the past three years, PricewaterhouseCoopers (PwC) stated in its “2025 Global Digital Trust Insights” (India edition). The attacks have resulted in Indian executives prioritizing cybersecurity over other risks, with 61% designating it one of their top three priorities.
“Top cyber-risks, including cloud-related threats, attacks on connected products, social engineering and software supply chain compromises, are areas where security executives feel particularly underprepared,” PwC India stated in the report.
Cyberattacks in India Accelerating
In the second quarter of 2024, cyberattacks doubled both globally and against India-based organizations, rising 105% and 115%, respectively, Indusface stated. While the number of cyberattacks continued to balloon in the third quarter, the expansion decelerated globally, growing only 26% in the third quarter of 2024, compared with a year earlier.
In India, however, attacks continued to skyrocket, jumping 92% compared to the same quarter the previous year, the company stated in its “State of Application Security” report for Q3 2024. In August, the Reserve Bank of India (RBI) issued a warning to companies that their increasing use of digitization comes with increased risks.
“While the DDoS attacks in India [were] similar to the last year, there was a huge growth in the bot and vulnerability attacks in India,” the company stated, adding that attacks in general were on the rise because of attackers’ use of AI tools.
“A big part of [the increase] could be because of the widespread use of LLM tools such as ChatGPT, which enable novice hackers to easily find and deploy scripts that could exploit open vulnerabilities,” the company said. “This accessibility has lowered the barrier to entry for cybercriminals, resulting in an unprecedented rise in vulnerability exploitation.”
Cyber-Risks Heightened for Banks, Utilities
Cyberattackers have tended to target specific industries in India, with the banking, financial services, and insurance industries collectively seeing twice as many attacks compared with the global average, while power and energy saw four times as many attacks per website, Indusface stated in its report.
“We believe that these industries are targeted for geopolitical reasons, as this will lead to disruption in all essential services,” says Phani Deepak Akella, vice president of marketing for Indusface. He adds, “Last year, we saw more DDoS attacks, but this year we are seeing more growth in attacks targeting vulnerabilities. This could be because of LLM adoption, where hackers can get ready made scripts to exploit vulnerabilities such as SQL injection, for example.”
Companies in India suffer from many of the same issues as businesses worldwide, especially around managing vulnerabilities in their attack surface area. Only 19% of companies use an automated scanner to manage their API security, with 45% using manual penetration testing and more than a third (36%) not testing their APIs, according to Indusface.
In addition, companies are slow to patch vulnerabilities in the software used to serve APIs, with more than 30% of critical and high-severity CVSS vulnerabilities remaining unpatched more than six months after discovery. Some 5 million attacks targeted the vulnerable API services, the firm noted.
Security misconfiguration and identification and authentication failures were the top classes of vulnerabilities discovered in production API servers, according to the firm’s report. Web applications typically had blind SQL injection, server-side request forgery, and HTML injection issues.
Source: www.darkreading.com