Key Highlights
- India recorded 95 confirmed cyber intrusions in 2024, positioning it just behind the United States.
- Financial services suffered the greatest impact, with 20 organizations compromised.
- LockBit led ransomware activity, responsible for more than 20 of the 108 documented ransomware incidents.
- Major data exposures involved over 850 million citizen records from Hi‑Tek Group and large‑scale leaks at Star Health and Telecommunications Consultants India.
- The trend underscores an urgent call for reinforced security frameworks across public and private sectors.
Detailed Insights
The CloudSEK ThreatLandscape Report 2024 identified India as the second‑most targeted country worldwide, tallying 95 distinct breach events. The United States headed the list with 140 attacks, while Israel occupied the third slot with 57 incidents. Sector‑wise analysis revealed that banking and finance entities were the predominant victims, followed by government bodies (13 cases), telecom operators (12), healthcare and pharmaceutical firms (10), and educational institutions (9).
Prominent breaches included the leak of 850 million personal records belonging to Indian citizens from the Hi‑Tek Group, the exposure of customer databases from Star Health and Allied Insurance, and an estimated 2 TB of data exfiltrated from Telecommunications Consultants India. Ransomware activity reached 108 documented cases; LockBit emerged as the most prolific gang, with KillSec and RansomHub also featuring prominently.
Historically, India has endured recurring cyber pressure. In 2018, it also ranked second globally for data breaches, coinciding with a surge in internet penetration that now exceeds 690 million users. The accelerating digitisation of governmental and commercial services has enlarged the attack surface, making comprehensive cyber‑defence strategies indispensable.
The report’s conclusions stress that without decisive policy interventions, heightened encryption standards, and continuous awareness programmes, the nation’s digital trust could erode, jeopardising both economic stability and public confidence.
Key Concepts
- Ransomware: Malicious software that encrypts victim data and demands a monetary payment for decryption.
- Data Breach: Unauthorized acquisition, disclosure, or use of confidential information.
- Threat Landscape: The aggregate of existing and emerging cyber risks facing an organization or nation.
- Attack Vector: The method or pathway a threat actor exploits to infiltrate a system.
- Digital Trust: Confidence stakeholders place in the security, privacy, and reliability of electronic services.