2023 will be an important year for cybersecurity in India

In addition to the heightened attention the country is receiving from hackers and hacktivists, there is a chance that data stolen in 2022 will be weaponized this year.

Our IoT and OT cybersecurity predictions for India for 2023 are based on the trends we have observed in India’s digital space over the last 4 years, our research on the types of cyberattacks that occurred during this period, chatter on the Dark Web and other forums, and threat- and actor-specific, IoT- and OT-focused threat intelligence gathered by Sectrio’s Threat and APT Hunting team.

Here are our specific 2023 IoT and OT cybersecurity predictions for India:

  • India’s manufacturing sector is on a high. Riding on post-Covid growth in demand due to rising economic activity, the sector logged the highest Purchasing Managers’ Index (PMI) in almost 26 months. It is expected to witness high capital investment as well as the recruitment of new employees. Supply chain diversification, the addition of untested devices and components, the lack of asset inventories and of a systemic vulnerability and threat management plan, inadequate security training for new employees, and the lack of capabilities in IT SOC teams to handle OT security needs will all contribute to multiple cybersecurity incidents this year. Employee training and sensitization alone can go a long way in preventing many of these episodes.
  • The lack of an integrated and nuanced approach towards integrating some of the Industry 4.0 technologies and systems is also proving to be a critical weakness for the manufacturing sector in India. This opens up security gaps during the early stages of component integration and some of these gaps will be exploited much later by bad actors.
  • At the government level, India’s critical infrastructure, including ports, refineries, defense assets, power systems, space research facilities, financial services infrastructure, and Public Sector Undertaking (PSU) assets, is under surveillance by threat actors from at least three countries. The North Korean Lazarus APT group will try to target PSUs that are sitting on high cash reserves. North Korean threat campaigns connected to a range of geopolitical events rose significantly in 2022. This is a worrying trend on many fronts, as some of these attacks could turn into breaches this year due to employee negligence or systemic vulnerabilities being exploited by bad actors.
  • APT groups from China have ramped up their efforts to gather data on India’s national security decision-making apparatus. This includes gathering data on health status (the AIIMS hack was driven by this motivation), finance, and official tenure-related information on key decision-makers. Defense hardware procurement, functional information related to key defense equipment, ballistic missile defense capabilities, and India’s infrastructure expansion plans in the North East part of the country are other areas where Chinese hackers have shown interest in the past, and this trend is expected to continue in 2023 as well. Hackers may even change tracks to monitor the movement of key decision-makers.
  • India could experience more breaches in the utility sector specifically this year. The volume of inbound scans and attempts to sniff data from networks belonging to power and power grid companies has grown by almost 70 percent in the last 6 months of 2022.
  • LockBit 3.0 is a threat to businesses everywhere. With the severe deterioration in the security environment in Europe last year, many hackers released themselves from contracts with APT groups and branched out on their own to target victims. The huge spike in reported ransomware events in November and December 2022 was because of the activity of these actors. More variants of this ransomware will emerge in 2023. At least one variant will target businesses in India.
  • APT 36 has expanded its footprint significantly in India in 2022. This group is now more active than ever (directly and via proxies) and its footprint is no longer tied to specific geopolitical events in the region as was the case earlier. Its footprint is now being found in parts of critical infrastructure in India. In 2023, this group might launch a coordinated attack on defense manufacturing firms in India.
  • The biggest volume of attacks in 2023 will emerge from data exfiltrated by bad actors in the last few years. Firms that are not diligent in maintaining basic levels of cyber hygiene will be severely impacted.
  • Cyberattacks on start-ups will rise. The preferred targets of hackers will be firms that are on the verge of issuing an Initial Public Offer.
  • There could be a large cyberattack on a sports governing body connected with a very popular sport in the country this year.
