India has been the target of over 4.3 lakh cyber attacks from five countries including China, Russia and the US while more than 73,000 attacks were initiated from India between January and June this year, says a Finnish cybersecurity company.
According to F-Secure’s honeypot data, Russia, the US, China, the Netherlands and Germany targeted India with 436,090 attacks. This is nearly 12 times more than which originated from India.
Honeypots are basically decoy servers that emulate the real IT environment of a business enterprise.
Russia accounted for most cyber attacks on India (255,589), followed by the US (103,458), China (42,544), the Netherlands (19,169) and 15,330 attacks from Germany.
On the other hand, the top five countries that were targeted by Indian cyber attackers were Austria, the Netherlands, the UK, Japan, and Ukraine — a total of 36,563.
F-Secure gave the break-up: Austria (12,540), the Netherlands (9,267), the UK (6,347), Japan (4,701) and 3,708 attacks targeted Ukraine’s businesses.
“The relatively higher number of inbound attacks on Indian honeypots reflects how the fast-digitising country is becoming more lucrative for global cyber criminals,” Leszek Tasiemski, Vice President of cyber security products R&D at F-Secure, said in a statement on Sunday.
“We are gathering and analysing all the pertinent data to ensure that our customers stay protected given the dynamically evolving threat landscape,” he added.
To track these cyber attacks, F-Secure has deployed 41 honeypots across the globe.
“Our public honeypots are a valuable source of threat intelligence and an integral part of the infrastructure that powers our various security offerings, including our Rapid Detection and Response Service,” Tasiemski said.
Honeypots are set up explicitly to grab attention of attackers. They are used to gain critical insights on attack types, popular targets, sources, volume and TTPs (Tactics, Techniques and Procedures).
Such insights are collected by deliberately allowing potential attackers to gain unauthorized access to the emulated services of a server and then studying the attack path to the point that the attacker realizes it is a honeypot, F-secure said.
These honeypots are developed to deceive even elite hackers and appear to be serving a specific purpose or organisation.
They enable F-Secure to collect the latest malware samples or shell scripts and new hacking techniques.
The research data is then processed to further benefit F-Secure customers via product enhancements and threat intelligence reports.