India has emerged as the second most targeted nation for cyberattacks globally in 2024, with a staggering 95 Indian entities falling victim to data theft, according to a report by cyber intelligence firm CloudSEK. The findings, released in the ThreatLandscape Report 2024, highlight the growing threats to India’s digital infrastructure, which has been rapidly expanding in recent years.
The United States topped the list as the most targeted nation, with 140 cyberattacks, largely due to its economic dominance and extensive digital infrastructure. India, however, saw significant exposure, with 95 entities suffering data breaches throughout the year. This positions the country as a major target for cybercriminals looking to exploit the vulnerabilities of its swiftly digitising sectors.
Impact on key sectors
The report from CloudSEK indicates that the rise in cyberattacks in India is directly linked to the nation’s accelerated digital transformation. As more sectors move online, the opportunities for cybercriminals to exploit weaknesses have grown substantially. Among the most impacted sectors were finance and banking, which experienced the highest number of attacks, with 20 victims in 2024. This was closely followed by the government sector, where 13 entities were targeted, and telecommunications, with 12 victims. Other affected sectors included healthcare and pharma (10 victims) and education (9 victims).
India’s rapid digitisation, while boosting growth, has also exposed critical infrastructures to significant cyber risks. As government and corporate entities digitise more services, they have inadvertently expanded their attack surface, making them prime targets for sophisticated cybercriminals.
Major data breaches in 2024
The most alarming breaches in India, as detailed in the report, involved massive data leaks. One of the largest incidents was the Hi-Tek Group data breach, which resulted in the leak of approximately 850 million records of Indian citizens. Other major breaches included data leaks from Star Health and Allied Insurance, compromising sensitive customer data, and a massive 2TB data leak from Telecommunications Consultants India.
These breaches have raised serious concerns about the safety of personal and financial data in India, particularly in sectors that deal with sensitive information. As businesses and institutions shift more of their operations to digital platforms, the vulnerabilities exposed by these cyberattacks are putting millions of citizens at risk.
Ransomware attacks: A growing threat
The report also highlighted the alarming rise of ransomware attacks in India. CloudSEK recorded 108 known ransomware incidents in the country in 2024. The Lockbit ransomware group was identified as the most active in India, responsible for more than 20 incidents. Other significant ransomware groups targeting India included Killsec, with over 15 attacks, and Ransomhub, responsible for more than 12 attacks.
These ransomware attacks often disrupt operations, encrypting critical data and demanding hefty ransoms for its release. Ransomware has become a dominant form of cyberattack, affecting various industries in India. The growing prevalence of such attacks reflects the increasing sophistication and audacity of cybercriminals, as well as the need for stronger cybersecurity measures across the nation.
Geopolitical and sectoral vulnerabilities
The CloudSEK report also pointed to geopolitical factors that may be contributing to the rise in cyberattacks against India. The country’s position in the global digital economy, along with its key role in international finance and trade, makes it a lucrative target for adversarial actors. Furthermore, with tensions surrounding issues such as data privacy and sovereignty, India’s exposure to cyberattacks may only increase as geopolitical conflicts intensify.
Sectors like finance, government, and telecommunications are particularly vulnerable due to the sensitive nature of the data they hold. The healthcare and education sectors, though slightly less targeted, are still at risk as they often store valuable personal data and intellectual property.
More Read
The road ahead for cybersecurity in India
As India continues to modernise its digital infrastructure, the urgency of addressing cybersecurity vulnerabilities has never been clearer. The country’s rapid adoption of new technologies demands a robust approach to cybersecurity, with enhanced protections for sensitive data and a stronger focus on preventing ransomware and other cyberattacks.
India’s positioning as the second most targeted nation globally serves as a stark reminder that as the country strides ahead in the digital world, it must also bolster its cybersecurity frameworks to safeguard against the increasing frequency and sophistication of cyber threats. The government’s response, along with cooperation from the private sector, will be crucial in ensuring that the country can combat these growing cyber risks effectively.
As we move into 2025, India’s approach to cybersecurity will need to evolve rapidly, with greater emphasis on real-time threat detection, stronger encryption practices, and more stringent data protection laws to protect its rapidly growing digital economy from further cyberattacks.
