India Prime Target For Email, Ransomware, Malware Attacks: Report

India is grappling with a surge in email-based attacks, ranking second globally, behind the United States and leading the charge in Asia. In malware detections, India ranks third worldwide and second in Asia, highlighting its increasing vulnerability in this area, according to a new cybersecurity threat report by Trend Micro Inc.

The report underscored India's growing prominence as a prime target for sophisticated cyberattacks, such as email threats, ransomware and malware. With the nation's digital infrastructure rapidly expanding across critical sectors like banking, government, and manufacturing, India now stands at the forefront of global cybersecurity challenges.

Out of 1,018 billion email threats worldwide, India accounted for 8.3%, translating to 84.2 million threats. Dominating South Asia, India is responsible for 92.27% of the region's email-based incidents. This underscores the critical need for organisations to prioritise robust email security solutions to defend against the rising threat.

While Japan and the US currently lead the world in malware detections, India ranks third worldwide with 4.7% of all detected threats. Regionally, India is responsible for 9.95% of malware cases and dominates South Asia with 94.2% of all malware detections. Notable malware families like CoinMiner, fakeMS and Mudyupdate present severe risks to the nation's critical sectors, according to the report.

On the ransomware front, India ranks 10th globally and sixth in Asia, with 1.17 lakh ransomware threats detected in 2024—accounting for 2.95% of global and 4.97% of Asia's ransomware incidents. In South Asia, India leads with 73.8% of ransomware cases, making it a dominant target.

Key ransomware families such as WCry, Cobra and GandCrab repeatedly attack critical industries like banking, government and manufacturing, which remain lucrative targets for financially driven ransomware gangs, the report showed.

The banking sector was hit hardest by malware and ransomware attacks, followed by government and manufacturing, in the first half of 2024, the report added.

"As cybercriminals employ increasingly sophisticated tactics, key sectors in the region are increasingly under attack from ransomware, email threats and malware. Our report provides strategic insights for businesses to strengthen their defences, especially as emerging technologies like generative AI transform the threat landscape,” said Sharda Tickoo, country manager for India and SAARC, Trend Micro.

Furthermore, the report indicated that globally, cloud-based apps, services and assets are at heightened risk as cybercriminals are exploiting exposed credentials and vulnerabilities. The lack of updated endpoint protection on unmanaged devices further exposes businesses to significant risks.

Additionally, cybercriminals have capitalised on the growing interest in AI technologies by employing tactics, such as jailbreaking existing LLMs, bundling legitimate AI software with malicious payloads, and utilising deep fake-generating AI tools.