Over 1.6 bn cyberattacks blocked from India in Q3: Report

Over two billion cyber attacks were blocked in the third quarter (Q3) this year, 70 per cent of which (more than 1.6 billion) originated from India, a report showed on Monday.

This figure reflects a sharp increase of 70 per cent in the frequency of cyber attacks on Indian websites during the third quarter as compared to the second quarter this year (which recorded 947 million attacks), according to the report from Indusface, a TCGF II (Tata Capital) funded application security software-as-a-service (SaaS) company.

Notably, the healthcare sector, where 100 per cent of its sites faced bot attacks, and the banking and insurance industry, with 90 per cent experiencing similar attacks, emerged as the most vulnerable sectors. 

This quarter, eight out of 10 websites found themselves targeted by bot attacks, and the number of overall bot attacks was 56 per cent higher compared to the previous quarter. 

Apart from India, the major countries from where cyberattacks originated were the US, the UK, Russia and Singapore.

The other biggest attack category was distributed denial of service (DDoS) attacks that witnessed more than two-thirds (67 per cent) increase over the last quarter. 

“Bot attacks continue to be a significant threat for BFSI and healthcare industries signifying the importance of data that they house. Over 90 per cent websites in these sectors are facing a variety of bot attacks,” said Ashish Tandon, CEO of Indusface. 

“In light of the Digital Data Protection Bill, it is therefore critical for security and infra teams of these sectors to stay more vigilant than ever and safeguard their customer data,” he added.

Top three vulnerability categories in Q3 were malicious content found (software and data integrity failures), server-side request forgery detected and cross-site scripting (XSS).

Around 46,000 vulnerabilities were identified during Q3, with a concerning 32 per cent remaining unaddressed for over 180 days, underscoring the urgency for immediate action.

In this quarter, SaaS and conglomerate companies experienced a tenfold increase in the number of attacks, driven by the handling of customer-sensitive data across multiple industries, said the report.