The year 2024 witnessed an unprecedented surge in cyberattacks globally, with ransomware, data breaches, and DDoS attacks dominating headlines. Ransom demands remained the primary motive behind these malicious activities, impacting multiple sectors worldwide, with India emerging as a key target.
India’s Cybersecurity Challenges in 2024
India detected an average of 761 cyberattack attempts per minute, according to the Data Security Council of India (DSCI). The healthcare sector was the hardest hit, followed by hospitality and banking. Among Indian states, Telangana bore the brunt with 15% of attacks, trailed by Tamil Nadu at 12%. Major urban centers like Surat and Bengaluru also faced significant threats.
Key incidents included:
BSNL Breach: Over 278GB of telecom data was compromised.
BoAt India Leak: The personal data of 7.5 million users was exposed.
Ransomware on Polycab India: The attack crippled IT infrastructure.
Prominent cyber incidents further included attacks on the SPARSH pension portal, Hathway internet, and Tamil Nadu’s FRS system. A breach of the WazirX cryptocurrency exchange led to a staggering $230 million theft.

Cross-Border Cyber Conflicts
Ideologically driven attacks added another dimension to India’s cybersecurity challenges. Groups from Bangladesh and Indonesia frequently targeted Indian government and business websites, with Indonesia’s Anon Black Flag being the most active, contributing to 23% of all cyberattacks on India.
Global Cyber Threat Landscape
On the global stage, major incidents highlighted the growing sophistication of cybercriminals:
1. Ransomware Attacks
Change Healthcare (USA): BlackCat/ALPHV disrupted the healthcare system, causing weeks of outages. UnitedHealth paid a $22 million ransom, yet sensitive data was leaked online.
RansomHub Activities: This group expanded its reach with a double-extortion model, affecting over 210 victims across healthcare and government sectors.
2. DDoS Attacks
The Internet Archive suffered repeated outages in May and October, with 31 million passwords compromised and access to digital content disrupted.
3. Data Breaches
Dell: A database with records of 49 million customers from 2017–2024 was sold on hacking forums.
Ticketmaster: Sensitive data of 560 million users was exposed due to weak security protocols.
Snowflake Customers: Widespread breaches that exploited stolen credentials impacted organizations like AT&T and Santander.
4. Zero-Day Vulnerabilities
China-Linked Groups: Volt Typhoon and Salt Typhoon executed cyber-espionage campaigns targeting critical infrastructure and telecom networks in the US.
Active Threat Actors in 2024
Several groups remained dominant in the cyber threat landscape:
LockBit: Continued to operate with its Ransomware-as-a-Service (RaaS) model despite law enforcement efforts.
RansomHub: Utilized double-extortion tactics to maximize damage.
BlackSuit: Focused on phishing, exploiting vulnerabilities, and stealing VPN credentials to infiltrate networks.
As the digital landscape evolves, 2024 underscored the urgent need for stronger cybersecurity measures, international cooperation, and proactive threat mitigation strategies to combat rising cyber threats.