India amongst top three most targeted APAC countries as AI use, ransomware increases: Report  

India featured amongst the top three most targeted APAC countries as the use of AI and ransomware increased the sophistication and speed of attacks  

October 07, 2023 10:42 am | Updated 10:42 am IST

India began advancing cyber incident reporting requirements in the last 12 months [File]

India began advancing cyber incident reporting requirements in the last 12 months [File] | Photo Credit: REUTERS

India is among the top three most targeted countries in the APAC region by nation-state actors as cybercriminals used AI to create new threats, increased the speed and sophistication of ransomware, and attempted password-based and Multi-Factor Authentication (MFA) fatigue attacks.

India began advancing cyber incident reporting requirements in the last 12 months. For Transmission Control Protocol attacks, while India was the second most targeted country last year, it has now come down to the fifth, given recent geopolitical shifts, Microsoft said in its Digital Defence Report.

While AI was also used in creating new opportunities for defence, Microsoft blocked an average of 4,000 password attacks per second targeting its cloud identities, the company shared.

(For top technology news of the day, subscribe to our tech newsletter Today’s Cache)

The use of AI creates new threats, opportunities

Cybercriminals are increasingly using AI as a weapon to refine phishing messages and improve influence operations with synthetic imagery. However, AI will also be crucial for successful defence, automating and augmenting aspects of cybersecurity such as threat detection, response, analysis, and prediction, the report shared.

And while threat groups have significantly accelerated the pace of their attacks over the last few years, Microsoft says its built-in protections across its products blocked tens of billions of malware threats, thwarted 237 billion brute-force password attack attempts, and mitigated 619,000 distributed denial of service (DDoS) attacks that aim to disable a server, service or network by overwhelming it with a flood of Internet traffic.

Increase in ransomware attacks

The report further shared that organisations saw human-operated ransomware attacks increase 195% since September 2022. These attacks were found to be “hands-on keyboard” types of attacks rather than automated ones, typically targeting a whole organisation with customised ransom demands.

Attackers were also found to have evolved attacks to minimise their footprint, with 60% using remote encryption, thereby rendering process-based remediation ineffective.

Ransomware operators were also found to increasingly exploit vulnerabilities in less common software, making prediction and defence more difficult.

Password-based and MFA fatigue attacks increase

Threat actors are also increasingly taking advantage of “MFA fatigue” to bombard users with MFA (Multi-Factor Authentication) notifications in hopes they will accept and provide access to sensitive information.

Approximately 6,000 MFA fatigue attempts per day were observed by Microsoft, the report shared.

Password-based attacks against cloud identities also witnessed a tenfold surge, with the education sector witnessing around 3 billion per month to over 30 billion – an average of 4,000 password attacks per second targeting Microsoft cloud identities.

The report from Microsoft covers activities observed between July 2022 and June 2023, across nation-state activity, cybercrime and defence techniques.

0 / 0
Sign in to unlock member-only benefits!
  • Access 10 free stories every month
  • Save stories to read later
  • Access to comment on every story
  • Sign-up/manage your newsletter subscriptions with a single click
  • Get notified by email for early access to discounts & offers on our products
Sign in

Comments

Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.

We have migrated to a new commenting platform. If you are already a registered user of The Hindu and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.