India saw 400 million malware detections in 2023, with sharp increase during G20 summit

The report points out that artificial intelligence (AI)-enabled malware will pose a significant threat in the coming year. Image: Shutterstock
 
In its annual India Cyber Threat Report, the Data Security Council of India (DSCI) highlighted the increasing risks of cyberattacks in the country. Incidents of cyberattacks saw a sharp increase in August-September, when India was hosting the G20 Summit. According to the report, there were 30.96 million detections in August, which increased to 33.06 million in September. These attacks resulted in 1,070 and 928 incidents in August and September, respectively.

The report points out there were 176 and 75 cyberattacks by the Hizbullah Cyber Team and Team Insane PK during the months of the G20 Summit in India. “In the upcoming election months, we are expecting heightened activity from within the country and outside. Cyberwar is the next frontier to fight on. We have to gear up and prepare ourselves to counter such cyberattacks,” says Vishal Salvi, CEO of Quick Heal Technologies.

Where industrial sectors are concerned, the automotive industry was the most targeted in 2023, followed by government institutes and the education sector. Mumbai, Pune, Chennai, and Bengaluru have the highest malware detection rates in absolute terms, amounting to 27 million, 19 million, 9.53 million, and 17 million respectively. However, Surat and Ahmedabad, emerging as new IT hubs, have the highest detection rate—14 million and 12 million respectively this year—relative to their installation bases. Furthermore, Telangana and Tamil Nadu emerged as the hotspots for cyberattacks this year. At 13.8 million and 20.14 million detections in 2023, the two states have the highest detection per installation ratio.

“Cybersecurity has ascended as a strategic concern at the board level owing to the multifaceted nature of cyber threats and the escalating monetary implications stemming from data breaches,” says Vinayak Godse, CEO of DSCI. He points out that malware is a significant threat, with cybercrime engineering becoming increasingly intricate with diverse attack methodologies.

Also read: Cyber criminals are getting smarter. Laws and awareness need to keep up

Looking at the subtypes of malware, the report found that 41 percent of them is a Trojan and 33 percent is an infector. However, ransomware constitutes only 0.74 percent of the total detections and is the most sophisticated and dangerous malware. “Ransomware authors continually evolve their methodologies and employ sophisticated techniques to evade traditional signature-based detection,” adds Godse. While the average malware detection-to-incident ratio was 1 per 38,000, the ransomware’s incident ratio was 1 per 650 detections.

Removable media and network drives cause more than 50 percent of attacks recorded in the country. These resulted from malicious links in websites and emails, making up more than 25 percent of the attacks.

The report points out that artificial intelligence (AI)-enabled malware will pose a significant threat in the coming year. Malware like BlackMamba, which runs on AI, has the potential to infiltrate Android OS. Multi-factor authentication fatigue attacks are also gaining prominence, which could increase next year.