Enterprises continue to lose over a million dollars from successful cyberattacks, a trend that has been rampant in 2023, Kaspersky reveals. According to the global cybersecurity company, both the OT (operational technology) and IT (information technology) systems in India will continue to face threats this year, particularly ransomware.
India’s large base of end users and the high number of innovative enterprises have made it a prized target for cybercriminals. Globally, Kaspersky researches have shown that India is consistently among the top 12 targeted countries and territories for Advanced Persistent Threats (APTs).
With the growth in use of the digital medium within organisations in India, it is inevitable that the local ICT supply chain is stretched with visible vulnerabilities that become targets for cyberattacks. Particularly, data from Kaspersky shows that the cyberthreat to take note of in 2024 is ransomware.
Last year, over 200K ransomware incidents have been detected by Kaspersky cybersecurity solutions for businesses in India in 2023. Major ransomware groups like Fonix and LockBit targeted global as well as Indian organisations in various sectors including manufacturing, retail, agriculture, media and healthcare.
Fonix continues to run as a Ransomware-as-a-Service (RaaS) malware, despite claims of closure. LockBit, another popular ransomware, attacked major organisations in India by infecting Windows systems. In fact, it is the first ransomware to infect Apple systems as well.
“For three years in a row, file encryption has been the #1 problem faced by enterprises and organisations worldwide and in India. From the basic ransomware attacks like the Wannacry in 2017, we have reached the era of Ransomware 3.0 where we see triple extortion in the form of distributed denial-of-service (DDoS), reselling of data, and public blackmailing. The form of this attack has a wider impact on financial and reputational aspect of Indian companies,” says Jaydeep Singh, General Manager, South Asia, Kaspersky.
“Amidst this evolving threat matrix, securing both Information Technology (IT) and Operational Technology (OT) systems isn’t just a necessity; it’s the cornerstone of resilience, ensuring that our technological advancements thrive amidst adversarial tides, safeguarding not just our data, but the very essence of our industrial prowess,” he adds.
To address the evolving threat of ransomware against the IT and OT systems in India, Kaspersky highlights the urgent need for stronger cybersecurity defences through deploying threat intelligence capabilities.
For protections of Industrial Automation and Control Systems with an ecosystem of specialised, certified and natively integrated products and comprehensive set of services, the company also offers Kaspersky Industrial Cyber Security.
“We are living in an age when information is power. In the digital landscape of India, where Industry 4.0 converges with traditional manufacturing, the heartbeat of progress lies in the fusion of Threat Intelligence and Industrial Cybersecurity. Threat Intelligence illuminates the unseen, empowering proactive defense against evolving cyber threats, while Industrial Cybersecurity reinforces the bedrock of operations with robust defense mechanisms. Together, they form an indispensable duo, safeguarding not just data and assets,” explains Arun Gantayat, Head of Presales for South Asia at Kaspersky.
Kaspersky’s comprehensive threat intelligence portfolio offers organisations in India the capacity to stay ahead of cybercriminals with in-depth visibility into cyberthreats targeting them in particular as well the ability to inform their experts by supplying them with rich and meaningful context across the entire incident management cycle.
Gantayat highlighted two platforms under Kaspersky’s threat intelligence portfolio for Indian businesses:
- Kaspersky Threat Data Feeds service delivers real-time threat intelligence information to help organisations protect their networks and systems from cyberthreats. The data feeds include information on known malware, phishing websites, latest vulnerabilities and exploits, and other types of cyberthreats. Organisations can use this information to block malicious traffic, update their security software, and take other measures to protect themselves from cyberattacks.
- Kaspersky CyberTrace is a threat intelligence platform that integrates threat data feeds from multiple sources with detection and defense solutions so that users can immediately leverage threat intelligence for security monitoring, defensive actions and incident response activities in their existing security operations workflow.
For Industrial Automation and Control Systems in India, Kaspersky Industrial Cyber Security (KICS) is offers enterprises the ability to adopt a mature cybersecurity infrastructure. KICS platform, with natively integrated products and services, has been designed to protect the OT (operational technology) layers pf enterprises. Some of the elements include DCS, SCADA, HMIs, controllers like PLCs, IEDs, Robotic Automation, OT Networking equipment, Gateways, Operator and Engineering workstations.
KICS platform helps to pre-empt the threats and vulnerabilities, enforce policies and controls that neutralise threats, respond quickly to threat incidents and manage complex IT infrastructure from security standpoint.
