India Faces Escalating Cybersecurity Challenges: Trend Micro and Zscaler Reports Highlight Ransomware and Malware Threats

Trend Micro's Midyear Report Reveals India's Cybersecurity Challenges

India ranks among the top targets for email, ransomware and malware attacks putting key industries at risk India ranks 2 globally in email threats, accounting for 8.3% of total detections by Trend MicroIndia ranks 3 globally for malware detection, contributing 4.7% to the total threats identified by Trend MicroBanking sector hit hardest by Malware and Ransomware attacks followed by Government and Manufacturing in the first half of 2024 Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global cybersecurity leader, recently unveiled its highly anticipated Trend Micro 2024 Midyear Cybersecurity Threat Report outlining India's heightened cybersecurity risks. The report underscores India's growing prominence as a prime target for sophisticated cyberattacks, such as email threats, ransomware and malware. With the nation's digital infrastructure rapidly expanding across critical sectors like Banking, Government, and Manufacturing, India now stands at the forefront of global cybersecurity challenges. The findings reveal an urgent need for organizations to strengthen their defenses against evolving cyber threats. Ransomware and Malware Surge While Japan and The United States currently lead the world in malware detections, India ranks third worldwide with 4.7% of all detected threats. Regionally, India holds the 2 spot in Asia, responsible for 9.95% of malware cases, and dominates South Asia with a staggering 94.2% of all malware detections highlighting its increasing vulnerability in this area. Notable malware families like CoinMiner, fakeMS, and Mudyupdate present severe risks to the nation's critical sectors. On the ransomware front, India ranks 10 globally and 6 in Asia, with 1,17,200 ransomware threats detected in 2024 -- accounting for 2.95% of global and 4.97% of Asia's ransomware incidents. In South Asia, India leads with 73.8% of ransomware cases, making it a dominant target. Key ransomware families such as WCry, Cobra, and GandCrab repeatedly attack critical industries like Banking, Government, and Manufacturing, which remain lucrative targets for financially driven ransomware gangs. Escalating Email Threats in the region India grapples with a surge in email-based attacks, ranking 2 globally, behind the United States and leading the charge in Asia. Out of 1,018 billion email threats worldwide, India accounted for an alarming 8.3%, translating to 84.17 million threats. Dominating South Asia, India is responsible for 92.27% of the region's email-based incidents, underscoring the critical need for organizations to prioritize robust email security solutions to defend against this rising menace. Commenting on the report's findings, Sharda Tickoo, Country Manager for India & SAARC, Trend Micro said, "As cybercriminals employ increasingly sophisticated tactics, key sectors in the region are increasingly under attack from ransomware, email threats, and malware. Staying ahead requires a proactive, unified platform approach rather than fragmented solutions. Our report provides strategic insights for businesses to strengthen their defenses, especially as emerging technologies like generative AI transform the threat landscape. The time to shift from reactive to proactive cybersecurity is now, with a focus on comprehensive threat detection and heightened awareness." Furthermore, the report indicates that globally, cloud-based apps, services, and assets are at heightened risk as cybercriminals are exploiting exposed credentials and vulnerabilities. The lack of updated endpoint protection on unmanaged devices further exposes businesses to significant risks. Additionally, cybercriminals have capitalized on the growing interest in AI technologies by employing tactics such as jailbreaking existing LLMs, bundling legitimate AI software with malicious payloads, and utilizing deep fake-generating AI tools. Trend Micro, dedicated to empowering organizations and individuals with advanced cybersecurity solutions to combat evolving threats in today's digital landscape, advises security leaders to: Implement measures to prevent threats from infiltrating networks, proactively anticipating ransomware attacks that could lead to extortion after data breachesTransition from isolated security tools to a unified platform approach that integrates seamlessly, enhancing overall security postureRecognize that AI capabilities can not only streamline operations but also serve legitimate security purposes against cybercriminals exploiting the same technologiesConduct training programs to educate end users on identifying and avoiding risky websites and links, as human error remains a critical vulnerabilityPrioritize the efficiency of Security Operations Centers (SOCs) by closely monitoring cloud applications as they become integral to daily operationsCollaborate with reliable security vendors that utilize a platform-based approach, ensuring resources are secured and continuously monitored for vulnerabilities About Trend Micro Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fuelled by decades of security expertise, global threat research, and continuous innovation, Trend Micro's AI-powered cybersecurity platform protects hundreds of thousands of organizations and millions of individuals across clouds, networks, devices, and endpoints. As a leader in cloud and enterprise cybersecurity, Trend's platform delivers a powerful range of advanced threat defense techniques optimized for environments like AWS, Microsoft, and Google, and central visibility for better, faster detection and response. With 7,000 employees across 70 countries, Trend Micro enables organizations to simplify and secure their connected world. www.TrendMicro.com.

India Records the Second Highest Volume of Ransomware Attacks in APAC: Zscaler ThreatLabz 2024 Ransomware Report

Manufacturing, telecommunications, and technology emerge as top three targets of ransomware attacks in India Zscaler, Inc., the leader in cloud security, revealed in its annual Zscaler ThreatLabz 2024 Ransomware Report that India ranked second when it came to the volume of ransomware attacks successfully launched in the Asia Pacific and Japan region. This annual report analyzes the ransomware threat landscape from April 2023 to April 2024, tracking the latest attack trends, targeted sectors, ransomware families, and defense strategies. Findings in the report uncovered an 18% overall increase in ransomware attacks year-over-year globally, as well as a record-breaking ransom payment of US$75 million - nearly double the highest publicly known ransomware payout - to the Dark Angels ransomware group. ThreatLabz believes Dark Angels' success will drive other ransomware groups to use similar tactics, reinforcing the need for organizations to prioritize protection against rising and ever-more costly ransomware attacks. "Ransomware defense remains a top priority for CISOs in 2024. The increasing use of ransomware-as-a-service models, along with numerous zero-day attacks on legacy systems, a rise in vishing attacks and the emergence of AI-powered attacks, has led to record breaking ransom payments," said Deepen Desai, Chief Security Officer at Zscaler. "Organizations must prioritize Zero Trust architecture to strengthen their security posture against ransomware attacks. This is where an AI-powered Zero Trust platform like Zscaler helps organizations fast-track their segmentation journeys, reducing the blast radius as well as shutting down unknown vectors for future AI-driven attacks." India's rapid digital transformation, coupled with widespread AI and machine learning adoption, has positioned the country as a prime target for sophisticated cyber threats. ThreatLabz observed nearly 1.3 billion (135%) more AI transactions in APJ than EMEA -- largely driven by the high volume of transactions coming from India. The report reveals that ransomware extortion attacks have consistently surged across industries, with the number of victim companies listed on data leak sites increasing by nearly 58% since last year. While the manufacturing sector remains the most targeted in India, accounting for 28.89% of attacks, other industries such as healthcare (8.9%), technology (6.67%), pharmaceutical (6.67%), and financial services (8.9%) also faced significant risks. The report also highlighted the rise in AI-powered cyberattacks, emphasizing the importance of Zero Trust architecture to combat evolving threats. Despite the global surge in ransomware, India remained relatively flat in terms of growth in successful ransomware attacks - from logging 62 incidents in 2023 to 60 in 2024. However, ransomware attacks still remain a cause of concern, with vulnerabilities continuing to grow in light of the rising adoption of AI-driven attack vectors by threat actors. "India is at the forefront of digital transformation - leading the way on a global platform when it comes to the adoption of emerging technologies, such as AI/ML, to drive innovation. However, its successes have also drawn the attention of threat actors, making it a prime target for sophisticated cyber threats, including ransomware attacks. With the government's increased focus on driving cybersecurity resilience, it is more crucial than ever for Indian enterprises to adopt zero trust security frameworks," said Suvabrata Sinha, CISO in residence, India at Zscaler. "Our AI-powered zero trust platform is designed to mitigate risks, protect sensitive data, and ensure business continuity in an increasingly hostile cyber environment. By prioritizing zero trust, Indian businesses can better protect their digital assets, align with the government's initiatives, and maintain resilience against emerging cyber threats." ThreatLabz also identified the most active ransomware families in India, with LockBit leading at 23.33%, followed by BianLian at 16.67%, BlackCat (11.67%), 8Base (10%), and Mallox (5%). Globally, LockBit (22%), BlackCat (9%), and 8Base (8%) remain the top threats, with emerging groups like Dark Angels expected to drive future attacks. Zscaler remains committed to helping organizations minimize their attack surface, prevent initial compromises, eliminate lateral movement, and stop data loss through its Zero Trust Exchange™ platform. This AI-powered platform is designed to mitigate risks, protect sensitive data, and ensure business continuity in an increasingly hostile cyber environment. Zscaler helps enterprises stop ransomware with zero trust security From initial reconnaissance and compromise to lateral movement, data theft and payload execution, Zscaler helps organizations stop ransomware at every stage of the attack cycle: Minimize the attack surface: Zscaler effectively minimizes the attack surface by hiding users, applications and devices behind a cloud proxy, where they are not visible or discoverable from the internet.Prevent initial compromise: The Zscaler Zero Trust Exchange employs extensive TLS/SSL inspection, browser isolation, advanced inline sandboxing and policy-driven access controls to prevent users from accessing malicious websites as well as detect unknown threats before they reach your network.Eliminate lateral movement: Leverage user-to-app or app-to-app segmentation so that users connect directly to applications (and apps to other apps), not the network, eliminating the risk of lateral movement.Stop data loss: Inline data loss prevention measures, combined with full TLS/SSL inspection, effectively thwart data theft attempts. Zscaler ensures that data is secured both in transit and at rest. For a deeper dive into best practices for protecting your organization and the full findings, download the Zscaler ThreatLabz 2024 Ransomware Report. Methodology The research methodology for this report is a comprehensive process that uses multiple data sources to identify and track ransomware trends. The report team collected data from a variety of sources between April 2023 and April 2024. To identify and understand ransomware activity, Zscaler utilizes its global security cloud processing over 500 trillion daily signals, blocking 9 billion threats daily, and delivering 250,000+ security updates. The ThreatLabz Threat Intelligence team tracks ransomware families at scale through reverse engineering and automating malware analysis to develop effective response strategies. ThreatLabz also works closely with international law enforcement agencies and has played a significant role in recent actions, including Operation Duck Hunt and Operation Endgame. About Zscaler Zscaler accelerates digital transformation so customers can be more agile, efficient, resilient, and secure. The Zscaler Zero Trust Exchange™ platform protects thousands of customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location. Distributed across more than 150 data centers globally, the SSE-based Zero Trust Exchange™ is the world's largest in-line cloud security platform.