![India began advancing cyber incident reporting requirements in the last 12 months [File]](https://th-i.thgim.com/public/incoming/gbmq6u/article67391821.ece/alternates/LANDSCAPE_1200/2023-08-15T180403Z_1772422653_RC2I62AKNGFW_RTRMADP_3_LATAM-CYBERCRIME.JPG "India began advancing cyber incident reporting requirements in the last 12 months [File]")
India is among the top three most targeted countries in the APAC region by nation-state actors as cybercriminals used AI to create new threats, increased the speed and sophistication of ransomware, and attempted password-based and Multi-Factor Authentication (MFA) fatigue attacks.
India began advancing cyber incident reporting requirements in the last 12 months. For Transmission Control Protocol attacks, while India was the second most targeted country last year, it has now come down to the fifth, given recent geopolitical shifts, Microsoft said in its Digital Defence Report.
While AI was also used in creating new opportunities for defence, Microsoft blocked an average of 4,000 password attacks per second targeting its cloud identities, the company shared.
(For top technology news of the day, subscribe to our tech newsletter Today’s Cache)
The use of AI creates new threats, opportunities
Cybercriminals are increasingly using AI as a weapon to refine phishing messages and improve influence operations with synthetic imagery. However, AI will also be crucial for successful defence, automating and augmenting aspects of cybersecurity such as threat detection, response, analysis, and prediction, the report shared.
And while threat groups have significantly accelerated the pace of their attacks over the last few years, Microsoft says its built-in protections across its products blocked tens of billions of malware threats, thwarted 237 billion brute-force password attack attempts, and mitigated 619,000 distributed denial of service (DDoS) attacks that aim to disable a server, service or network by overwhelming it with a flood of Internet traffic.
Increase in ransomware attacks
The report further shared that organisations saw human-operated ransomware attacks increase 195% since September 2022. These attacks were found to be “hands-on keyboard” types of attacks rather than automated ones, typically targeting a whole organisation with customised ransom demands.
Attackers were also found to have evolved attacks to minimise their footprint, with 60% using remote encryption, thereby rendering process-based remediation ineffective.
Ransomware operators were also found to increasingly exploit vulnerabilities in less common software, making prediction and defence more difficult.
Password-based and MFA fatigue attacks increase
Threat actors are also increasingly taking advantage of “MFA fatigue” to bombard users with MFA (Multi-Factor Authentication) notifications in hopes they will accept and provide access to sensitive information.
Approximately 6,000 MFA fatigue attempts per day were observed by Microsoft, the report shared.
Password-based attacks against cloud identities also witnessed a tenfold surge, with the education sector witnessing around 3 billion per month to over 30 billion – an average of 4,000 password attacks per second targeting Microsoft cloud identities.
The report from Microsoft covers activities observed between July 2022 and June 2023, across nation-state activity, cybercrime and defence techniques.
