Security
Palo Alto Networks’ latest Unit 42 Global Incident Response Report reveals that cybercriminals are shifting from traditional ransomware attacks to business disruption, AI-driven threats, and insider breaches. The report found that 44% of security incidents involved web browsers, highlighting the growing risk of phishing, malicious redirects, and malware downloads.
"Cyber criminals targeting organisations in the Asia-Pacific and Japan region are no longer just stealing data, they are actively taking down entire operations. Traditional approaches to cybersecurity are no longer sufficient in addressing the visibility gaps and complexity challenges that organisations face today. To stay ahead of evolving threats, businesses must adopt AI-driven, automated security solutions that can outpace adversaries and provide comprehensive real-time protection,” said Philippa Cogswell, Vice President and Managing Partner, Unit 42, Asia-Pacific & Japan, Palo Alto Networks.
Cyber fraud cases in India quadrupled in FY2024, leading to $20 million (₹177 crore) in losses. Scams such as deepfake fraud, voice cloning, and phishing have caused both financial and data losses. To strengthen cybersecurity, the Indian government increased its cybersecurity budget by 18%, allocating ₹1,900 crore in the Union Budget 2025.
“We have observed a notable rise in cyberattacks as threat actors increasingly adopt automation, RaaS models, and GenAI to streamline their campaigns. These tools allow attackers to rapidly identify vulnerabilities, create realistic phishing tricks and launch large-scale attacks faster, that aren’t just causing data theft but making business disruption their primary goal,” said Huzefa Motiwala, Senior Director, Technical Solutions, India and SAARC, Palo Alto Networks.
Key Findings from the Report
Business Disruption Over Data Theft: Attackers now prioritize sabotaging operations rather than stealing data. In 86% of incidents, businesses suffered operational downtime or reputational damage.
Insider Threats Surge: Attacks linked to North Korea tripled in 2024, with hackers infiltrating major tech, finance, and government organizations through contract-based roles. Advanced tactics like hardware-based KVM devices and Visual Studio Code tunneling make detection harder.
Faster Data Theft: Hackers now steal data three times faster than in 2021. In 25% of cases, data was exfiltrated within five hours, while 20% of incidents occurred in under an hour.
Expanding Attack Vectors: 70% of attacks used at least three different methods, emphasizing the need for strong security across networks, cloud, and endpoints.
Phishing Resurgence: 23% of attacks started with phishing, now the top entry point for hackers. AI tools make phishing scams more convincing and harder to detect.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
