Global cybersecurity and digital privacy firm Kaspersky revealed a 54% increase in threat sources originating from servers hosted in India in 2024 compared to the previous year.

The data processed by Kaspersky Security Network (KSN) shows that in the period between January to December 2024, 7,157,431 incidents were caused by servers hosted in India, compared to only 4,637,504 incidents in the same period in 2023. This puts India in 17th place in 2024, three places up from 20th place last year.

KSN is a complex-distributed infrastructure dedicated to processing cybersecurity-related data streams from millions of voluntary participants around the world. KSN data is collected from Kaspersky customers here who have installed the company’s cybersecurity software on their computers and voluntarily shared information with the firm.

Data servers host a wealth of information and provide organizations with resources, data, services or programs over a network. Servers can be compromised should there not be appropriate safety measures in place. Once compromised, cyber criminals could use the server to execute attacks against the organization or use it as a launch pad for external attacks.

A majority of businesses in India have now adopted new technologies and business models that rely heavily on cloud computing or have engagement with tech vendors or third-party service providers that have high reliance on data servers. Whilst collaborative, this interconnectivity and reliance on centralized servers do present a collective weakness.

In 2024, two major telecom companies in India faced malicious intrusion and data breach where critical data was stolen. This puts the subscribers of the two companies in danger of phishing attacks while endangering the companies’ business. During this period, it was also seen that cybercrooks used data servers hosted in India to attack critical infrastructure, especially BFSI and healthcare sector, along with large data centers within the country.

“India has been taking extensive measures to protect its critical infrastructure and fortify it for its evolving digital age. The rise of the threats we’ve detected that originated from servers in the country is, a matter of fact, a by-product of India’s rapidly booming data center industry. The value of this market is expected to reach US$11.6 billion by 2032, so along with regulatory policy, public and private organizations need to continue to be collaborative and prudent in managing their resources to build up cyber resiliency to fortify their businesses against complex and intensive cyberattacks. Clearly, cybersecurity should be a strategic decision, which involves a holistic and systematic approach rather than a point-specific threat control move,” says Adrian Hia, Managing Director for Asia Pacific at Kaspersky.

Kaspersky’s latest KSN report also showed that malware incidents through offline methods have decreased in the period January-December 2024 in India.

Last year, Kaspersky products foiled 57,497,879local threats on computers KSN participants here. In 2023, 74,385,324 local threats were detected and blocked by the global cybersecurity company.

KSN data shows that worms and file viruses account for the majority of local attacks. It is seen that malware attacks happen via removable devices like USBs.

“In 2024, we found a new trend where a secure USB drive was compromised by a malicious code which was not only programmed to steal data, but acted as a USB worm infecting other USB drives. This proves that what we think of as a safe offline option to share data can also be compromised easily. To protect against such attacks, users not only need to deploy antivirus solutions but also have a firewall and control over their USB drives, CDs and DVDs,” adds Hia.

To avoid falling victim to a targeted attack, Kaspersky recommends:

• Use all-encompassing solutions from the Kaspersky Next product line that provide real-time protection, threat visibility, advanced investigation and response capabilities for companies of any size and industry.
• Provide your InfoSec professionals with in-depth visibility into the cyberthreats targeting your organization. The latest Kaspersky Threat Intelligence will supply them with rich and meaningful context across the entire incident management cycle and help to identify cyber risks on time.
• Upskill your cybersecurity team to tackle the latest targeted threats with Kaspersky online training developed by GReAT experts.
• Implement a corporate-grade security solution that detects advanced threats at the network level at an early stage, such as the Kaspersky Anti Targeted Attack Platform.
• Use centralized and automated solutions such as Kaspersky Next XDR Expert to enable comprehensive protection of all your assets;
• Introduce security awareness training and teach practical skills to your team – for example, through the Kaspersky Automated Security Awareness Platform, as many targeted attacks start with phishing or other social engineering techniques.
• Update OS and software as soon as possible and do so regularly.