India amongst top three most targeted APAC countries as AI use, ransomware increases: Report  

/in


India is among the top three most targeted countries in the APAC region by nation-state actors as cybercriminals used AI to create new threats, increased the speed and sophistication of ransomware, and attempted password-based and Multi-Factor Authentication (MFA) fatigue attacks.

India began advancing cyber incident reporting requirements in the last 12 months. For Transmission Control Protocol attacks, while India was the second most targeted country last year, it has now come down to the fifth, given recent geopolitical shifts, Microsoft said in its Digital Defence Report.

While AI was also used in creating new opportunities for defence, Microsoft blocked an average of 4,000 password attacks per second targeting its cloud identities, the company shared.

(For top technology news of the day, subscribe to our tech newsletter Today’s Cache)

The use of AI creates new threats, opportunities

Cybercriminals are increasingly using AI as a weapon to refine phishing messages and improve influence operations with synthetic imagery. However, AI will also be crucial for successful defence, automating and augmenting aspects of cybersecurity such as threat detection, response, analysis, and prediction, the report shared.

And while threat groups have significantly accelerated the pace of their attacks over the last few years, Microsoft says its built-in protections across its products blocked tens of billions of malware threats, thwarted 237 billion brute-force password attack attempts, and mitigated 619,000 distributed denial of service (DDoS) attacks that aim to disable a server, service or network by overwhelming it with a flood of Internet traffic.

Increase in ransomware attacks

The report further shared that organisations saw human-operated ransomware attacks increase 195% since September 2022. These attacks were found to be “hands-on keyboard” types of attacks rather than automated ones, typically targeting a whole organisation with customised ransom demands.

Attackers were also found to have evolved attacks to minimise their footprint, with 60% using remote encryption, thereby rendering process-based remediation ineffective.

Ransomware operators were also found to increasingly…

Source…