India’s manufacturing industry witnessed the most ransomware extortion in 2023, according to a global report.
The report by Palo Alto Networks’ Unit 42 is based on incident data from more than 250 organisations and more than 600 incidents.
It examined 3,998 posts from leak sites — platforms where threat actors publicly disclose stolen data as a means of coercing victims into paying ransom — from various ransomware groups.
Globally, a 49 per cent year-on-year (YoY) increase was seen in multi-extortion ransomware attacks from 2022 – 2023, while in India manufacturing sector was the worst hit.
“In India, the manufacturing sector has emerged as the primary target for ransomware attacks over the past year. This unsettling trend underscores the critical vulnerabilities within the Indian manufacturing sector, where limited visibility into operational technology (OT) systems, inadequate network monitoring, and suboptimal cyber-hygiene implementation have left organisations exposed,” said Anil Valluri, MD and VP, India and SAARC, Palo Alto Networks, in a statement.
“Organisations must implement enterprise-wide Zero Trust network architecture to create layers of security that limit an attacker from successfully moving laterally around the network.
The report also showed that phishing dropped to just 17 per cent in 2023, from a one-third share of initial access incidents in 2022.
“This indicates a potential de-prioritisation of phishing as cybercriminals adapt to more technologically advanced — and perhaps more efficient — infiltration methods,” the report said
Further, the report showed a discernible rise in the exploitation of software and API vulnerabilities — accounting for 38.60 per cent of the initial access points in 2023, up from 28.20 per cent in 2022.