India ranks 21st in the global tally with 6,95,396 attacks hackers across various countries. However, India took the 13th spot in terms of hackers initiating attacks with 73,482 such incidents. Globally, the UK was the biggest source country with a total of 97,680,746 attacks this year, while the US was the top destination country with 1,10,10,212 attacks.
F-Secure said the insights are based on data from “honeypots”. The company said it has deployed more than 41 such “honeypots” across the globe that “serve as sitting ducks for cybercriminals” and enables collection of the latest malware samples/shell scripts and new hacking techniques.
These “honeypots” are basically decoy servers that emulate the IT environment of a business. To the attackers, these look like actual servers of real companies with weaknesses and vulnerabilities. This method helps gain critical insights on attack types, popular targets, sources, volume, and TTPs (Tactics, Techniques, and Procedures).
“Such insights are collected by deliberately allowing potential attackers to gain unauthorised access to the emulated services of a server, and then studying the attack path to the point that the attacker realises it is a honeypot,” it added.
The report said the top five source countries that targeted India included Russia (2,55,589 attacks), followed by the US (1,03,458), China (42,544), the Netherlands (19,169) and Germany (15,330) – totalling 4,36,090 attacks. On the other hand, Indian cyberattackers targeted a total of 12,540 attacks toward Austrian organisations, the Netherlands (9,267), the UK (6,347), Japan (4,701), and Ukraine (3,708), the report said.
“Our public honeypots are a valuable source of threat intelligence, and an integral part of the infrastructure that powers our various security offerings, including our Rapid Detection and Response Service,” F-Secure vice president of cyber security products R&D Leszek Tasiemski said.
Tasiemski added that “the relatively higher number of inbound attacks on Indian honeypots also reflects how the fast-digitising country is becoming more lucrative for global cybercriminals”.
“We are gathering and analysing all the pertinent data to ensure that our customers stay protected given the dynamically evolving threat landscape,” he said.