In February 2022, IndiaTimes.com noted that, according to the research conducted at University of Surrey, attacks on businesses and government in India have doubled in the past three years. The number of successful cyber-attacks in India has been growing almost on a monthly basis. In 2021, India recorded well over 3,000 victims of cybercrimes, right behind the United States, United Kingdom, and Canada, which rank first, second, and third, respectively.
As in the rest of the world, the drivers for much of this increase in India are the ongoing digital transformation, the growth in the use of mobile and IoT devices, and the increase in remote work associated with the COVID19 pandemic. These factors have increased the available attack surface across all of IT. Since the beginning of the pandemic, organizations in India have seen a 4,000-percent increase in the number of phishing emails. Approximately two-thirds of these same organizations have fallen victim to cyberattacks since shifting to a remote work model. In some cases, as in the attack on the power grid supplying Mumbai, cyberattacks are politically motivated. Cyberattack activity has driven the Indian cyber security services and products to a total of $9.85 billion in revenue in 2021. Cyber security services industry grew from $4.3 billion in 2019 to $8.48 billion in 2021, and this represents a cumulative average growth rate of 40.33 percent. Almost in lockstep, the cybersecurity products industry grew from just $740 million in 2019 to $1.37 billion in 2021, and this represents another very high cumulative average growth rate of 36.49 percent. In roughly the same time period, India’s cyber security workforce grew from approximately 110,000 employees in 2019 to over 218,000 in 2021.
In February 2022, Air India experienced a major cyberattack that compromised approximately 4.5 million customer records. Passport, ticket, and some credit card information was compromised. The breach involved all information registered between August 26, 2011, and February 20, 2021.
A high-profile India-based payment company, Juspay, suffered a data breach impacting 35 million customers. This breach was announced in early 2021 but happened approximately five months earlier, in 2020. This breach is very noteworthy because Juspay handles payments for online marketplaces, including Amazon and other big players. Data breached and released on the dark web and made available for purchase included credit card information and fingerprint scans. In 2020, approximately 82% of Indian companies suffered ransomware attacks. In 2021, the impact of ransomware activity in India drove the cost of recovery from approximately $1.1 million in 2020 to $3.38 million in 2021. According to official estimates, in 2021, ransomware attacks increased by 120 percent.
Even government agencies with the highest levels of cyber protection are not exempt from the barrage of attacks. In 2021, the personally identifiable information (PII)— names, mobile phone numbers, emails, dates of birth, and more—of over 500,000 Indian police personnel went up for sale on the dark web.