India is one of the key countries affected by phishing attacks, where employees often click on malicious links or attachments that appear to be from legitimate sources, often leading to severe financial losses, reported Verizon Business, a New Jersey-based provider of cyber security solutions and products.
However, Verizon Business said, there was a silver lining as far as India was concerned as reporting practices have improved, with 20% of users now identifying and reporting phishing during simulation tests. This was only the first stepping stone, as enterprises can significantly reduce human error in cybersecurity by adopting a multi-pronged approach, it added.
The company also said in its 2024 Data Breach Investigations Report that espionage attacks dominate APAC’s cyber security landscape, including that of India. Some 25% of APAC cyberattacks are motivated by espionage, significantly greater than the 6% and % in Europe and North America, respectively, and the region experienced a 180% growth in vulnerability exploitation.
On an average, it took organisations surveyed about 55 days to patch 50% of their critical vulnerabilities and the non-malicious human element was involved in more than two-thirds of these breaches, the report said.
The report, was prepared after analysing 30,458 security incidents and 10,626 confirmed breaches in 2023 ( two-fold increase over 2022) in the APAC region. System intrusion, social engineering, and basic web application attacks represent 95% of breaches in APAC. The most common types of data compromised are credentials (69%), internal (37%), and secrets (24%), according to the study.