Indian Industry Cybersecurity Report 2024: Trends, Insights, and 2025 Recommendations by SecureClaw
India made substantial progress in cybersecurity in 2024 through improved frameworks, AI-ML, and international collaboration; however, sophisticated cyberthreats remain.
SecureClaw’s Cyber Threat Advisory team studied more than 5,000 cyber-attack news stories worldwide in 2024, and this is a snapshot of its annual report. The report’s diagrams analyse India’s industry-targeted cyber-attack trends as observed through various media sources and research articles. Some stories were directly from India, others covered Asia as a whole, and many described cyber-attacks on industries worldwide that were not specific to a particular region.
The Indian Computer Emergency Response Team (CERT-In) has issued new guidelines under Section 70B of the Information Technology Act, 2000, requiring all cybersecurity incidents to be reported within six hours of noticing or being informed about them. These guidelines are part of an effort to enhance the country’s cybersecurity posture and ensure timely responses to potential threats. In reality, many organisations never report cyber incidents because of concerns such as fear of damage to their reputation. Hence, exact statistics on cyber-attack trends cannot be established.
Two cyber-threat terms appear in many cyber-attack news stories: “Malware” and “Ransomware.”
Malware is malicious software designed to harm the confidentiality of computers, servers, clients, OT, IoT, or networks. Common types include viruses, worms, trojans, ransomware, spyware, adware, and rootkits. Malware can infiltrate systems through phishing emails, infected files, malicious websites, or the exploitation of software vulnerabilities. Once installed, it can steal, encrypt, or delete data, hijack core functions, spy on user activity, and lock users out until a ransom is paid.
Ransomware attacks initially focused on encrypting victim systems or data and demanding a ransom for the decryption key. However, gangs have since evolved to include double and triple extortion techniques. In double extortion, attackers take a copy of the data before encrypting it and threaten to leak that copy online. Hence, having a backup ready to restore is not enough to protect the victim. In triple extortion, attackers use stolen data to target customers or business partners through DDoS attacks. Ransomware attacks can be costly, with average costs reaching millions of dollars, and pose a significant threat due to their speed and the difficulty of tracing attackers.
Key campaigns and ransomware include:
- FlightNight: Targets Indian government and energy sectors.
- LightSpy: Sophisticated spyware targeting iOS devices.
- Black Basta, RansomHub, Akira, and LockBit: Prominent ransomware variants.
- Fortibitch: Focused on database breaches without malware installation.
Recommendations for Cybersecurity
Dr. Shekhar Ashok Pawar, founder of SecureClaw, emphasises that defence-in-depth methodologies are crucial. Organisations should implement Preventive, Detective, Deterrent, Recovery, and Corrective controls to mitigate threats effectively. Key focus areas include reputation damage, productivity loss, intellectual property theft, and compliance with regulations like India’s DPDP Act.
Challenges for MSMEs
Micro, small, and medium enterprises face hurdles in adopting cybersecurity due to limited funding, lack of expertise, and generalised frameworks. SecureClaw’s Business Domain Specific Least Cybersecurity Controls Implementation (BDSLCCI) framework addresses these challenges by providing cost-effective and tailored solutions for specific business domains.