By: Raj Sivaraju, President, APAC, Arete
India faces increasing incidents of cyber intrusions, supply chain vulnerabilities, AI-enhanced risks, zero-day exploits, and cloud infrastructure challenges. The ability to navigate these challenges relies on proactive awareness and defense adaptations to match the accelerating pace and expanding scale of emerging situations.
Ransomware continues to pose significant threats to Indian organisations, with a 53 percent increase in attacks. Sectors most affected include IT services, financial institutions, and manufacturers, as highlighted in the India Ransomware Report. Various strains like Lockbit, Hive, and BlackCat/ALPHV infiltrate networks using tactics such as credential theft and social engineering to encrypt data, demanding payments for decryption.
Strengthening defenses against ransomware involves implementing air-gapped backups, robust access management protocols, and comprehensive security training for all employees. Effective incident response plans can aid in containing and remedying attacks swiftly upon detection. While cyber insurance might offset some recovery costs, enhancing fundamental cyber hygiene remains crucial in managing the surge in ransomware incidents.
Supply chain challenges
Geopolitical tensions, climate disruptions, and economic uncertainties create potential disruptions within supply chains in 2024. To reduce dependencies, India aims to broaden partnerships across more stable regions. However, fragmented supply chains enable cyber intrusions against partners, impacting primary targets.
Securing interconnected supplier ecosystems requires unified policies, controls, and monitoring across the entire environment. Enforcing baseline security standards for vendors and devising continuity plans for inevitable disruptions are recommended. Regular audits help verify controls as configurations evolve within the dynamic supply chain landscape. Developing domestic infrastructure alternatives could also mitigate risks associated with foreign coercion.
As artificial intelligence presents opportunities for problem-solving, it also amplifies risks by enabling hackers to exploit vulnerabilities, infiltrate networks, and bypass defenses at machine speed. Threat actors misuse AI spans initial access, command and control, data theft, and adversarial innovations against security measures.
To counter AI-driven attacks, deploying AI-based defenses tailored to match evolving threat patterns is essential. Implementing ethical frameworks to govern AI development and cyber use cases could mitigate potential damage. Regular software updates, access isolation, and ongoing user training against evolving social engineering techniques are imperative as these attacks continue to evolve.
The rate of software defects surpassing patching efforts allows hackers to exploit unresolved flaws, primarily targeting common platforms like VPN infrastructure. Risks escalate with enterprise technologies connecting.
Minimising exposure demands urgent patch deployment and intentional reduction of attack surfaces through strategies like micro-segmentation, strict access privileges, and security-focused architectures. Continuous network traffic analysis, AI-driven threat detection, and stringent access rules aid in early intrusion detection. Encouraging coordinated disclosure and swift mitigation of discovered zero-days through industry incentives and secure reporting channels is crucial to impede threat actor exploits.
Cloud security concerns
Migrating applications and data to the cloud offers scalability and collaboration benefits but widens the enterprise attack surface. The shared responsibility model governing cloud security reduces visibility and control across associated services, interfaces, identities, and configurations.
Initial priorities include centralising security policy administration and adopting specialised tools designed for cloud environments. Compartmentalising access levels and embedding governance checks through continuous configuration audits help manage exposure risks with this inevitable technology shift.
Given the increasing frequency and complexity of cyber incidents, Indian organisations must avoid complacency. Priorities such as expanded training, security partnerships, automation, and resilience principles like zero trust are essential in maturing defensive strategies throughout 2024. Key focus areas include browser isolation, exchanging threat intelligence with domestic and global partners, self-healing perimeter controls, and fostering transparency frameworks for collective response. Through urgency, collaboration, and strategic technology investments, cyber defenders can effectively confront adversary challenges for a more secure digital future.”