Cybercrime has become one of the most pressing challenges of the digital age. With the rapid growth of internet use, cybercriminals have found new avenues to exploit vulnerabilities, targeting individuals, businesses, and even governments. From data breaches and financial fraud to ransomware attacks, the scope of cybercrime is vast, and its impact on a corporation can be devastating. As technology evolves, so too do the tactics of cybercriminals, making cybersecurity a critical focus for organisations worldwide. The rising number of attacks highlights the need for stronger defences and greater awareness to safeguard digital assets.

 

India’s Cyber Crime Landscape Overview

 

India has seen a dramatic 46% increase in cyberattacks year-on-year, with an average of 3,201 attacks per week, ranking second in the Asia-Pacific region. The education, research, and government sectors remain prime targets, while healthcare and military institutions also face significant threats. Cloud security has emerged as a top priority, with Cloud Storage, SaaS applications, and Cloud Management Infrastructure becoming key targets in 2024. Protecting cloud environments is now a critical focus for businesses. The growing cyber threat landscape demands urgent attention to cybersecurity measures.

 

In 2024, India witnessed a significant rise in cyber incidents. Let’s talk about the ones capturing widespread attention. These incidents not only disrupted operations but also underscored the importance of robust cybersecurity measures in today’s interconnected world.

 

1. Data Breach: BoAt, BSNL, Hathway ISP & SPARSH:

BoAt: Indian wearable brand boAt suffered a significant data breach, exposing personal details of over 7.5 million users. The breach, allegedly carried out by the hacker, led to the leak of sensitive data, including names, phone numbers, and email addresses. Approximately 2 GB of this personally identifiable information (PII) was found on dark web forums.

BSNL: Bharat Sanchar Nigam Limited (BSNL) faced a major data breach, exposing over 278 GB of sensitive data, including IMSI numbers, SIM card details, and snapshots of BSNL’s SOLARIS servers.

Hathway ISP: Hathway, a leading ISP and cable TV provider in India, experienced a massive data breach after a hacker exploited the vulnerability in the company’s Laravel-based CMS. The breach exposed personal data of over 41.5 million customers, including names, phone numbers, email addresses, and physical addresses.

SPARSH: The SPARSH portal, developed by Tata Consultancy Services (TCS) for managing pensions for Indian defence personnel, suffered a significant data breach. The leak exposed sensitive details of thousands of defence personnel, including usernames, passwords, URLs, and pension numbers. The breach, which primarily affected personnel in Kerala, raised serious privacy and security concerns.

 

2. WazirX Crypto Exchange Breach:

In early 2024, WazirX, India's largest cryptocurrency exchange, fell victim to a significant cyberattack, resulting in the theft of over $230 million. The breach targeted the platform’s multi-signature wallet, managed by Liminal, exploiting discrepancies between the interface and actual transaction data. Despite robust security protocols such as Gnosis Safe multisig and whitelisting, attackers managed to gain unauthorized access, making off with a variety of cryptocurrencies, including Shiba Inu (SHIB) tokens and Ethereum (ETH).

 

The breach led WazirX to temporarily halt both crypto and rupee withdrawals while initiating an investigation. 

 

3. Ransomware Attack, AIIMS Delhi (Health Care)

AIIMS Delhi was hit by a cyberattack that led to server shutdowns and disruption of healthcare services. The breach potentially compromised patient data, underlining the vulnerability of the healthcare sector to cyber threats. This ransomware attack, one of the most significant in India, highlighted the urgent need for robust cybersecurity measures to protect sensitive information

 

4. AI-Phishing In The Banking Sector:

In 2024, an AI-phishing attack on an Indian bank demonstrated the evolving threat landscape. As AI technology advances, so do cyberattacks. Financial institutions and businesses must adopt AI-aware cybersecurity solutions to protect systems and data from increasingly sophisticated attacks.

 

Key Lessons from Recent Cyber Attacks: Strengthening Security and Building Trust

 

In all the above cases, the companies involved learned crucial lessons: the importance of timely patching, effective endpoint security, and continuous monitoring of network traffic. Moreover, these attacks emphasised the critical need for employee training on phishing and social engineering attacks, as human error remains one of the most exploited attack vectors. As India becomes increasingly digital, these incidents serve as stark reminders that cybersecurity must be a top priority. Organisations must invest in advanced threat detection systems, adopt a proactive risk management approach, and ensure all employees are trained in recognising potential threats. 

 

Staying up-to-date with the latest security trends and courses through ISACA’s Mumbai Chapter training and certifications can equip today’s tech-savvy teams. Here, you will not only enhance the skills and acumen needed to combat evolving cyber threats but also maintain business resilience through robust IT processes and the expertise of cybersecurity professionals.