India continues to be on the top of the agenda of nation-state actors when it comes to cyber-attacks. According to the latest report by Microsoft, India accounts for 13 per cent of cyber-attacks in the Asia-Pacific (APAC) region, making it one of the top-three most attacked countries by nation-state actors.

For Transmission Control Protocol attacks, in particular, while India was the second most targeted country last year, it has now come down to the fifth given recent geo-political shifts. The report said India has begun advancing cyber incident reporting requirements in the last 12 months and is among the few countries that have initiated measures to protect digital infrastructure. 

Also Read | Laptops, PCs face 1 million cyber threats every day in India: Report

According to the Digital Defense Report 2023, Microsoft blocked an average of 4,000 password attacks per second targeting Microsoft cloud identities.

Microsoft said it synthesises over 65 trillion signals every day, or 750 billion signals a second, using AI algorithms to understand and protect against digital threats and criminal cyberactivity.

“We track over 300 unique threat actors, including 160 nation-state actors, 50 ransomware groups, and hundreds of others,” the report said.

Also Read | No. of cyber attacks on Indian entities far surpasses global average

The report pointed out that artificial intelligence is being used to create new threats. It is also helping the defenders to guard against such attacks.

“Microsoft is already seeing AI-powered cyber-defence reversing the tide of cyberattacks; in Ukraine, for example, AI has helped defend against Russia. As transformative AI reshapes many aspects of society, we must engage in Responsible AI practices crucial for maintaining user trust and privacy, and for creating long-term benefits,” it said.

The report claimed that the company thwarted 237 billion brute-force password attack attempts, and mitigated 6.19 lakh distributed denial of service (DDoS) attacks. In a DDoS attack, hackers attempt to disable a server, service or network by overwhelming it with a flood of Internet traffic, making it unavailable for genuine users.

“Criminals are also looking to increase their anonymity and effectiveness, by using remote encryption to cover their traces more effectively as well as cloud-based tools such as virtual machines,” it said.

Also Read | Ransomware incidents up by 53% in India: CERT-In

Ransomware attacks up

The report saw an increase of 200 per cent in human-operated ransomware attacks since September 2022. “These attacks are generally a “hands-on keyboard” type of attack rather than an automated one, typically targeting a whole organization with customised ransom demands,” it said.

Ransomware operators are increasingly exploiting vulnerabilities in less common software, making it more difficult to predict and defend against attacks.   

The report said there was also a sharp increase in password-based and Multi Factor Authentication (MFA) fatigue attacks during the year. 

Also Read | Cyber attack has caused significant loss to revenue, profitability: Granules India

“While deploying MFA is one of the easiest and most effective defences organisations can deploy against attacks, reducing the risk of compromise by 99.2 per cent, threat actors are increasingly taking advantage of ‘MFA fatigue’ to bombard users with MFA notifications in the hope they will finally accept and provide access,” he said.

Microsoft has observed about 6,000 MFA fatigue attempts per day over the last year. 

Additionally, the first quarter of 2023 saw a dramatic tenfold surge in password-based attacks against cloud identities, especially in the education sector, from around 3 billion per month to over 30 billion – an average of 4,000 password attacks per second targeting Microsoft cloud identities this year.