Kaspersky released the results of its Digital Footprint Intelligence (DFI) report on external threats in the Asia Pacific (APAC) region in 2021. According to the report, China, India and Indonesia, more than any other countries in the APAC region, are at risk of being attacked through public exploits at any moment.
Almost one in five of the vulnerable services contained more than one vulnerability, thereby increasing the chances of an attacker performing a successful incursion.
In terms of the share of vulnerabilities with publicly available exploits, India is among the top 3 countries in the APAC region.
Darknet activity related to attack impact (advertisements selling data leaks and compromised data) dominates the statistics, because such advertisements are spread over time: criminals sell, resell and repack many data leaks from the past. In 2021, organizations from India accounted for 9.8% of all data leaks (Figure 2) and 35% of all insider activity sell orders placed on the Darknet (Figure 3).
In 2021, India accounted for 11% of the detected adverts in the APAC region (Figure 4).
“While India is progressing in cybersecurity initiatives, cyber criminals are not slacking as well, taking every opportunity and weak points to target the region. This Digital Footprint Intelligence report is part of our efforts in raising the awareness towards the cybercrime in India. We will also continue to collaborate with industry groups, authorities, and law enforcement organisations to share our technology, knowledge, and expertise in building a safer world,” noted Dipesh Kaura, General Manager for South Asia, Kaspersky.
The government has introduced a series of initiatives to strengthen cyber security mechanisms. One such initiative is the ‘Information Security Education and Awareness’ program, which aims to create awareness of information security and to train Indian government personnel.
To protect your businesses from such threats, Kaspersky experts also recommend that you:
- Regulate every major change to network perimeter hosts, including launching services or applications, exposing new APIs, installing and updating software, configuring network devices and so on. All changes should be reviewed from the perspective of security impact.
- Develop and implement a reliable procedure for identifying, installing, and verifying patches for products and systems.
- Focus your defense strategy on detecting lateral movements and data exfiltration to the internet. Pay special attention to outgoing traffic to detect cybercriminal connections. Back up data regularly. Make sure you can quickly access it in an emergency.
- Use solutions like Kaspersky Endpoint Detection and Response and the Kaspersky Managed Detection and Response service, which help to identify and stop the attack in the early stages, before the attackers achieve their goals.
- Use a reliable endpoint security solution, such as Kaspersky Endpoint Security for Business (KESB), which is powered by exploit prevention, behavior detection, and a remediation engine that is able to roll back malicious actions. KESB also has self-defense mechanisms that can prevent its removal by cybercriminals.