Financial sector in crosshairs: 85% of DDoS attacks target Indian financial sector
The darkweb is getting swarmed with ‘lucrative’ offers for hackers. For one, banking credentials that can give access to accounts of thousands of users are being sold in the darkweb.
For $70,000, the keys to an Indian bank’s digital kingdom could be yours. Not just a stray account number or two, but administrator privileges – the power to manipulate ATMs, hijack mobile applications, and infiltrate the financial institution’s core, cybersecurity solutions company Positive Technologies said in a new study.
The study found that cybercriminals are primarily interested in databases and access to key infrastructure platforms of various Indian companies across industries.
“Overall, 85 per cent of the DDoS attacks in Indian cyberspace target the financial sector, while the remaining 15 per cent target government agencies,” it said.
India is among the top three countries in terms of the number of dark web ads related to leaked and stolen databases. Databases are of the greatest interest to cybercriminals targeting the country’s infrastructure, the report said.
“Our analysis of dark web markets offering cybercrime services shows that only 29 per cent of hacked databases are then sold. Sellers frequently offer databases of financial organisations, service companies, and retail businesses,” it said.
“In 40 per cent of the ads, the price does not exceed $1,000 per database. Buyers’ ads account for only 5 per cent of the region’s dark web and indicate the most common areas of interest for cybercriminals, one of them being financial data,” Anastasia Chursina, Analyst at the Russian company, said.
It said there is a sharp surge in the number of distributed denial-of-service (DDoS) attacks on Indian infrastructure. The incidence has gone up by 50 per cent since the beginning of 2024, it said in a study on dark web platforms and cybercrime services.
The company found that attackers are primarily interested in databases and access to various A What is a DDoS attack
DDoS attack, or Distributed Denial of Service attack, is like a digital traffic jam. Hackers flood the website with so much fake traffic from multiple sources overwhelming the system and denying legitimate users from accessing it. This can cause websites to crash, slow down, or become completely unavailable, causing huge financial and reputational damage to service providers.
“India’s rapid digital development, which has made the country the world’s third-largest digital economy in 2024, creates a favorable environment for cyberattacks. Ever-evolving digital tools have transformed multiple sectors and fueled entrepreneurship, but they also attract malicious actors seeking to exploit the weaknesses of the digital infrastructure,” the report said.
Personal data
The majority of stolen data (61 per cent) is personally identifiable information of companies’ customers and employees. A cyberattack on just one major Indian electronics manufacturer in April 2024 resulted in the theft of 7.5 million customer records.
The study analysed dark web messages related to India between September 1, 2023, and October 1, 2024. The sample includes 380 Telegram channels and forums on the dark web, with an audience of about 65 million users and the total number of messages stood at 250 million.