As India awaits the implementation of DPDP Act rules, cyberattacks have left Indian citizens’ data vulnerable on the Dark Web.
India’s rapid digital development, which has made the country the world’s third-largest digital economy in 2024, creates a favorable environment for cyberattacks. Ever-evolving digital tools have transformed multiple sectors and fueled entrepreneurship, but they also attract malicious actors seeking to exploit the weaknesses of the digital infrastructure.
According to a study by Positive Technologies, the majority of stolen data (61%) is personally identifiable information of companies’ customers and employees. A cyberattack on just one major Indian electronics manufacturer in April 2024 resulted in the theft of 7.5 million customer records. As for the most common cyberattack tool, 23% of successful attacks were carried out using ransomware, according to hacker groups.
India is among the top three countries in terms of the number of dark web ads related to leaked and stolen databases. This is the most popular dark web topic for India: database-related ads account for 42% of all posts.
The number of distributed denial-of-service (DDoS) attacks on Indian infrastructure has increased by 50% since the beginning of 2024.
Overall, 85% of the DDoS attacks in Indian cyberspace target the financial sector, while the remaining 15% target government agencies. For example, the Indian Space Research Organization alone has to fend off more than 100 hacker attacks every day.
More than half of the databases (66%) are being distributed for free: experts attribute this to the activity of hacktivists and ransomware groups in the region. In most cases, hackers gained access to data from scientific and educational institutions, financial organizations, government agencies, and commercial companies.
“Our analysis of dark web markets offering cybercrime services shows that only 29% of hacked databases are then sold. Sellers frequently offer databases of financial organizations, service companies, and retail businesses. In 40% of the ads, the price does not exceed $1,000 per database. Buyers’ ads account for only 5% of the region’s dark web and indicate the most common areas of interest for cybercriminals, one of them being financial data,” according to Anastasia Chursina, Analyst at Positive Technologies.
Access credentials are the second most popular cybercrime service, accounting for 23% of posts on dark web forums. Unlike databases, which are distributed mostly for free, credentials are often sold, granting access to the IT infrastructure of commercial, financial, and service companies. According to the study, more than 60% of all access credentials can be bought for less than $1,000, but sellers charge more for access to financial organizations.
For example, access credentials for an Indian bank, with administrator privileges and the ability to connect to internal portals and servers connected to ATMs and mobile applications, are offered for $70,000 and more.
Experts at Positive Technologies highlight the need for the region to address the significant number of dark web offers related to databases and credentials that grant access to corporate IT infrastructures. The low price of access credentials and free-of-charge distribution of personal data may contribute to an increase in cyberattacks targeting companies and government agencies in the country. The experts recommend that organizations establish comprehensive protection based on the principles of results-driven cybersecurity.