Over 1.6 billion cyberattacks thwarted in India, 70% rise in Q3: Indusface Report

Indusface, an application security SaaS company backed by TCGF II (Tata Capital), in its latest report, revealed a staggering 70% increase in cyberattacks on Indian websites, with over 1.6 billion attacks originating from the country.

The report titled "State of Application Security Report" for the third quarter of 2023 highlighted the number as a significant rise from the second quarter, which saw 947 million attacks.

Sectors under siege

The report highlights the vulnerability of different sectors, with the healthcare industry facing bot attacks on all its sites, and the banking and insurance sectors experiencing attacks on 90% of their sites.

Overall, 80% of sites were targeted by bots, with a 56% increase in such attacks from the previous quarter. The United States, the United Kingdom, Russia, and Singapore were also notable origins of these cyber threats.

The DDoS menace

Distributed Denial of Service (DDoS) attacks have seen a two-thirds increase over the last quarter. A significant number of these attacks were launched from India, alongside the United States, Germany, and the United Kingdom.

 Indusface CEO Ashish Tandon emphasized the critical nature of these attacks, particularly for sectors like BFSI and healthcare, due to the sensitive data they handle.

Ashish Tandon, CEO of Indusface, said, “Bot attacks continue to be a significant threat for BFSI and healthcare industries signifying the importance of data that they house. 90%+ websites in these sectors are facing a variety of bot attacks. In light of Digital Data Protection Bill, it is therefore, critical for security and infra teams of these sectors to stay more vigilant than ever and safeguard their customer data.”

A case study in defense

Highlighting a specific incident, Tandon recounted how Indusface protected a Fortune 500 client from a severe botnet-driven DDoS attack. The attack, which involved over 8 million IP addresses, was 14,000 times the site's peak traffic. 

“Recently, one of our Fortune 500 clients faced a severe botnet-driven DDoS attack, where the attacker leveraged 8 million+ IPs to launch a slow rate of requests. But even that was about 14000X the usual site traffic at peak. We ensured 100% availability for this client where the system used behavioural models to prescribe rate-limits and the managed services used this intelligence to set up rules and minimize false positive blocks. A wonderful case study of human + machine collaboration for thwarting advanced DDoS attacks," he said.

Proactive measures and insights

The report also shared additional insights, including the top three vulnerability categories: Malicious Content Found, Server-Side Request Forgery Detected, and Cross-Site Scripting (XSS). It noted that around 46,000 vulnerabilities were identified, with 32% unaddressed for over 180 days.

The adoption of virtual patching at the Web Application Firewall (WAF) level has been increasing, with 35% of attacks blocked by core rulesets and the remainder by custom rules. SaaS and conglomerate companies saw a tenfold attack increase and URI-based rate limiting was particularly effective in the banking and financial sectors.

What does Indusface do?

Indusface is a leading application security provider, securing critical web, mobile, and API applications for over 5,000 global customers. The company is known for integrating various security solutions, including web application scanners, firewalls, DDoS and bot mitigation, CDN, and a threat intelligence engine.