India ranks second in cybersecurity breaches in 2022, 20% of data stolen globally was from India

India has had a precarious relationship with cybersecurity, not just when it comes to personal devices, but professional networks as well. Not just networks or privately run businesses, but the ones maintained by our governments too, have often been breached by malicious actors, with almost no effort. Naturally then, we have become a target, one that is massive and easy to hit. A new report by Tenable, a cybersecurity company based in Canada revealed that India has been ranked second in the total number of data breaches exposed in 2022. India’s dire situation in cybersecurity A total of 2.29 billion records or points of data were exposed worldwide in 2022, as calculated by Tenable’s Security Response Team’s analysis of 1,335 incidents of breaching that were publicly disclosed between November 2021 and October 2022. India accounted for 20 per cent of the total records or data points exposed worldwide. Of the 1,335 breaches analysed globally, 143 breaches occurred in Asia Pacific and Japan, resulting in a whopping 68 per cent of total records exposed globally. India accounted for 20 per cent of the total records exposed. In comparison, organisations in North America, Europe, the Middle East, and Africa accounted for a combined 31 per cent of records exposed. Where does India’s vulnerability lie? Perhaps most concerning for organisations were documented vulnerabilities, some of which dated back to 2017, that were still being abused by attackers. The results demonstrate that threat actors are still finding success with known and proven exploitable flaws that organisations have failed to effectively fix or resolve. Organizations that did not implement vendor patches for these flaws were more likely to be attacked throughout 2022. Several high-severity flaws in Microsoft Exchange and virtual private network solutions from Fortinet, Citrix, and Pulse Secure are among the most abused vulnerabilities in this group. Patches and mitigations for the other four most frequently exploited flaws, including Log4Shell, Follina, an Atlassian Confluence Server and Data Center flaw, and ProxyShell, were widely publicised and easily accessible. To emphasise the importance of known vulnerabilities in the industry, CVE-2021-21974 was recently in the news when a two-year-old vulnerability in VMware’s ESXi servers was extensively abused by ransomware organisations. According to Tenable’s worldwide data, as of February 13, only 34 per cent of organisations had remedied this particular danger prior to widespread news of these assaults (among those who checked for the vulnerability in February 2023). When it received enough notice though, repair increased to 87 per cent just 10 days later, on February 23. Currently, 13 per cent of organisations are susceptible. “Threat actors continue to find success with known and proven exploitable flaws that organisations have failed to effectively fix or address,” said Satnam Narang, Tenable’s senior staff research engineer. “In 2020 and 2021, we gave the same caution. Nonetheless, two years later, such vulnerabilities remain one of the most serious threats in the vulnerable environment. Unpatched vulnerabilities give attackers the simplest and most cost-effective method to obtain initial entry to or raise privileges within organisations. Don’t put it off any longer.” Where does India stand vis-a-vis the rest of the world? Ransomware assaults were responsible for 29 per cent of intrusions in the APAC area. This was followed by unclassified assaults which constituted about 28 per cent, phishing/email compromise which had a share of 9 per cent, 8 per cent because of unsecured databases, and the abuse of known and current weaknesses, which constituted 6 per cent. In India, ransomware was responsible for 33 per cent of the perpetrators, while unsecured datasets were responsible for 17 per cent of intrusions. The arts, leisure and recreation industries saw the most attacks in APAC, accounting for 11 per cent of incidents, followed by the retail industry’s 10 per cent and public administration’s 10 per cent, The healthcare industry had 9 per cent of the incidents. In India, the healthcare industry as well as the retail industry with 11 per cent of the incidents each, and financial services, education, professional and technical services, and public administration at 6 per cent of the incidents each, were the most targeted in India. Read all the  Latest News ,  Trending News ,  Cricket News ,  Bollywood News , India News  and  Entertainment News  here. Follow us on  Facebook,  Twitter and  Instagram.