India's Critical Infrastructure Suffers Spike in Cyberattacks

A variety of rapidly digitized critical infrastructure sectors in India — from finance to government systems and from manufacturing to healthcare — now are facing increased cyberattacks and cyber threats.

Consider this: A hacking group in April of this year leaked 7.5 million records containing personal information stolen from India's leading manufacturer of wireless audio and wearable devices boat. Most recently, the Reserve Bank of India — the nation's central bank — called out increased digitization as a potential risk for the country's financial infrastructure. Cyber incidents against finance and handled by the national CERT team jumped to some 16 million incidents in 2023, up from 53,000 in 2017, according to a recent report by RBI.

The vast majority of banks and most non-bank financial companies (NBFCs) consider cybersecurity to be a primary challenge to their ability to transition to digital technologies, according to the bank's report. "Digitalisation could pose financial stability concerns owing to cybersecurity threats, data breaches, and the speed at which information and rumours can flow through the system," the RBI stated in its report. "Cyber fraudsters are increasingly targeting financial institutions instead of end users globally."

India's financial sector is not alone. Public sector and government systems have seen a dramatic increase in cyberattacks, with most installation seeing cyberattacks grow by at least half.

Earlier this year, a hacking group targeted government agencies and energy companies with a Trojan dubbed HackBrowserData. Meanwhile, Pakistan, and China frequently target Indian organizations in cyber operations, such as recent Cosmic Leopard operations in the region.

Overall, 83% of organizations in India reported at least one cybersecurity incident in the last year, placing the country at No. 4, behind Vietnam (94%), New Zealand (90%), and Hong Kong (86%) in rankings for the Asia-Pacific region, according to a Cloudflare report.

The primary challenges hobbling the adoption of digital technologies. Source: RBI staff estimates based on survey responses from 25 banks and 55 NBFCs.

On a global level, the country is the fifth most breached nation and needs to focus more on cybersecurity, says Partha Gopalakrishnan, founder of PG Advisors, an AI and digital transformation consultancy.

"India could benefit from even more robust cybersecurity measures," he says. "The main piece of legislation governing cybercrime is the Information Technology Act 2000 ... now, 24 years old and outdated."

Top Worries: Cloud and Devices

Indian organizations are most concerned about cloud-related threats (52%), attacks on connected devices (45%), hack and leak operations (36%), and software supply chain compromises (35%), according to PwC's The C-Suite Playbook report for India.

The adoption of emerging technologies such as AI and cloud and the focus on innovation and remote working has driven digital transformations, thus boosting companies' need for more security defenses, according to Manu Dwivedi, partner and leader for cybersecurity at consultancy PwC India.

"AI-enabled phishing and aggressive social engineering have elevated ransomware to the top concern," he says. "While cloud-related threats are concerning, greater interconnectivity between IT and OT environments and increased usage of open-source components in software are increasing the available threat surface for attackers to exploit."

Indian organizations also need to harden their systems against insider threats, which requires a combination of business strategy, culture, training, and governance processes, Dwivedi says.

AI for Good, AI for Evil

The growing demand for AI has also shaped the threat landscape in the country and threat actors have already started experimenting with different AI models and techniques, says PwC India's Dwivedi.

"Threat actors are expected to use AI to generate customized and polymorphic malware based on system exploits, which escapes detection from signature-based and traditional detection methods," he says. "Going forward, it may be more difficult to determine how all types of threat actors are misusing GenAI."

In addition, AI models could be harnessed to help malicious actors become more efficient and productive, says PG Advisors' Gopalakrishnan.

"The use of AI in cyberattacks is exacerbated by the AI skills gap in India, making training in the areas of both AI and cybersecurity an absolute priority within Indian businesses," he says, adding: "AI will place greater power in the hands of hackers in the future, making it accessible for those who might otherwise lack the skills and capabilities to launch cyberattacks."