Latest news with #ThreatLandscapeReport


Techday NZ
5 days ago
Malware complexity soars 127% as older defences miss threats
Malware complexity has increased sharply in the past year, with legacy security systems failing to detect a significant number of threats, according to research released by OPSWAT. The company's first Threat Landscape Report, drawing on data from over 890,000 sandbox scans conducted in the past 12 months, highlights substantial challenges for organisations relying on traditional, signature-based cyber defences. The report found a 127% increase in the complexity of malware and revealed that one in every fourteen files previously considered 'safe' by older systems was in fact malicious.

Malware on the rise

Central to the report's findings is a dramatic escalation in malware complexity, with attackers increasingly using multi-stage, evasive techniques. OPSWAT noted that its sandbox technology exposed a 127% spike in what it calls 'multi-stage malware complexity' over the past year. The report points to layered threats employing tactics such as obfuscated loaders like NetReactor, which are specifically designed to circumvent static analysis and signature-based detection methods. The data suggests attackers now favour approaches intended to confuse rather than simply overwhelm legacy defences. According to the report, "modern malware intends to confuse, not flood, which is why OPSWAT's pipeline is purpose-built to unpack that complexity."

Early and proactive detection

Another significant finding from the report is the effectiveness of adaptive, behavioural analysis techniques over static and reputation-based methods. OPSWAT's analysis determined that 7.3% of files missed by open-source intelligence feeds were in fact malicious, and these were generally identified 24 hours before they became known on public data sources. These cases were confirmed executions, not hypothetical threats. This approach, the company suggests, helps close the gaps left by more traditional systems, which may lag in reclassifying emerging threats. The results underscore the importance of context-led detection and rapid response for organisations handling sensitive or critical infrastructure.

Context and campaign-level insights

With data from hundreds of thousands of scans, OPSWAT's analysis goes beyond isolated incidents to correlate threats at a campaign level. The system identifies repeated techniques, tactics, and procedures (TTPs), reused command-and-control (C2) infrastructure, and shared behavioural patterns across malicious campaigns. By doing so, the platform can offer defenders actionable, context-rich intelligence rather than overwhelming them with excessive indicators of limited value. According to the report, this enables a more effective response strategy and allows defenders to anticipate evolving adversarial behaviour instead of playing catch-up with each new individual threat.

Detection accuracy and new techniques

OPSWAT reports a detection accuracy of 99.97% through its behavioural and machine learning pipeline, which has been enhanced with a newly developed PE emulator. This system successfully identified sophisticated attack methods, including clipboard hijacking via ClickFix, steganography-wrapped loaders, C2 channels embedded in Google services, and .NET Bitmap malware loaders delivering Snake Keylogger payloads. "Our strength lies in precision, behavioral depth, and early visibility into emerging attacks," said Jan Miller, Chief Technology Officer of Threat Analysis at OPSWAT. "That's what sets OPSWAT apart in delivering high-fidelity, context-aware threat intelligence."

Shifting threat landscape

The report warns that organisations responsible for critical infrastructure, government systems, and enterprise operations are facing greater targeting by increasingly modular and evasive malware campaigns. It highlights the risks of continued reliance on outdated defences, and stresses the need for integrated, multi-layered security measures as adversaries adapt their techniques. The report emphasises the necessity for cybersecurity leaders to prioritise adaptability, shared intelligence, frequent technology reassessment, and fast behavioural detection pipelines, not only to protect against known threats but also to address a rapidly changing threat environment.

which forms part of the OPSWAT MetaDefender Platform, is powering much of the company's advanced threat detection and file analysis across sensitive and critical digital environments, according to the report.
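The campaign-level correlation the report describes (grouping sandbox verdicts by reused C2 infrastructure and shared TTPs so that defenders receive a few campaign summaries rather than a flat list of indicators) can be illustrated with a small union-find clustering. This is an added example, not OPSWAT's code or the report's method: the report records, hostnames, ATT&CK technique tags and the 0.6 similarity threshold are all constructed for illustration.

```python
"""Campaign-level correlation of sandbox verdicts (added illustration).

Two reports are linked when they contact the same C2 host or when their
behavioural tags overlap strongly; linking is transitive, so a chain of
partial overlaps still collapses into one campaign.
"""
from dataclasses import dataclass
from itertools import combinations


@dataclass(frozen=True)
class SandboxReport:
    sha256: str
    c2: frozenset      # C2 hosts contacted during detonation
    ttps: frozenset    # behavioural tags (here: MITRE ATT&CK technique IDs)


class DisjointSet:
    """Union-find keyed by report hash; linked reports share one root."""

    def __init__(self, keys):
        self.parent = {k: k for k in keys}

    def find(self, k):
        while self.parent[k] != k:
            self.parent[k] = self.parent[self.parent[k]]  # path halving
            k = self.parent[k]
        return k

    def union(self, a, b):
        ra, rb = self.find(a), self.find(b)
        if ra != rb:
            self.parent[rb] = ra


def jaccard(a, b):
    return len(a & b) / len(a | b) if (a or b) else 0.0


def related(x, y, ttp_threshold=0.6):
    """Reused C2 infrastructure, or TTP sets at least `ttp_threshold` similar."""
    return bool(x.c2 & y.c2) or jaccard(x.ttps, y.ttps) >= ttp_threshold


def correlate(reports, ttp_threshold=0.6):
    """Group reports into campaigns; largest campaign first."""
    ds = DisjointSet(r.sha256 for r in reports)
    for x, y in combinations(reports, 2):
        if related(x, y, ttp_threshold):
            ds.union(x.sha256, y.sha256)
    groups = {}
    for r in reports:
        groups.setdefault(ds.find(r.sha256), []).append(r)
    campaigns = []
    for members in groups.values():
        campaigns.append({
            "samples": sorted(m.sha256 for m in members),
            "c2": sorted(set().union(*(m.c2 for m in members))),
            # TTPs every member exhibits: the behaviour worth detecting on,
            # rather than any single hash or host
            "shared_ttps": sorted(frozenset.intersection(*(m.ttps for m in members))),
        })
    campaigns.sort(key=lambda c: (-len(c["samples"]), c["samples"]))
    return campaigns


def flat_indicator_count(reports):
    """What a defender receives without correlation: one entry per unique
    hash plus one per unique C2 host."""
    hosts = set().union(*(r.c2 for r in reports))
    return len({r.sha256 for r in reports}) + len(hosts)


# Constructed sample verdicts, not real malware data. Hosts use example
# domains and documentation address ranges; hashes are placeholders.
SAMPLE_REPORTS = [
    SandboxReport("a1", frozenset({"cdn-update.example"}),
                  frozenset({"T1059.001", "T1027", "T1115"})),
    SandboxReport("b2", frozenset({"cdn-update.example", "198.51.100.7"}),
                  frozenset({"T1059.001", "T1027", "T1071.001"})),
    SandboxReport("c3", frozenset({"docs.google.com"}),
                  frozenset({"T1102.002", "T1027.003", "T1056.001"})),
    SandboxReport("d4", frozenset({"docs.google.com"}),
                  frozenset({"T1102.002", "T1027.003", "T1056.001", "T1041"})),
    SandboxReport("e5", frozenset(),
                  frozenset({"T1486", "T1490"})),
    SandboxReport("f6", frozenset({"203.0.113.9"}),
                  frozenset({"T1059.001", "T1027", "T1115"})),
]

if __name__ == "__main__":
    for campaign in correlate(SAMPLE_REPORTS):
        print(campaign)
    print("flat indicators:", flat_indicator_count(SAMPLE_REPORTS),
          "campaigns:", len(correlate(SAMPLE_REPORTS)))
```

On the constructed input, ten flat indicators (six hashes, four hosts) collapse into three campaigns. Sample f6 shares no host with a1 or b2 but joins their campaign through identical behaviour, which is the point of correlating on TTPs rather than infrastructure alone. The second campaign also shows why a campaign summary beats a raw indicator: its only "C2 host" is a legitimate Google service, so the useful signal is the shared behaviour, not a hostname that cannot sensibly be blocked.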


Hindustan Times
28-07-2025
- Business
Bridging the gap between ground reality and global standards
India is leading the race of digital transformation and currently stands at a crossroads in its cybersecurity journey. With over 800 million internet users in the country, 488 million of them in rural areas, it would not be incorrect to say that digital transformation is being driven through the remotest villages and towns of the country. Add to this the reliance on digital transactions through the UPI payments system, and the stakes for cybersecurity become astronomically high. The country has made significant strides in establishing a regulatory framework to counter the threats that accompany digital adoption by launching key initiatives. But the ground reality of an expanding cyber threat landscape continues to pose formidable challenges when measured against global cybersecurity standards. India's ambition of being a leader in the digital realm is clear. But the path is intertwined with a dynamic interplay of vulnerabilities and evolving defences.

India's digital footprint grew ten-fold, especially in the years after the pandemic. With an expansive digital footprint, the country has inevitably broadened its attack surface, making it a prime target for cyber adversaries. According to Cyble's Threat Landscape Report, India ranked as the most targeted country in Asia and the second most targeted globally. Another report on the ransomware threat landscape also identified India as the prime target in the APAC region, with Qilin, RansomHub and Cl0P the most active actors and information technology (IT) and manufacturing the most targeted sectors. The financial toll is equally alarming: the country lost an astounding ₹22,845.73 crore to cybercriminals in 2024, a sharp 206% surge from the previous year. The main cyber threats include ransomware, phishing campaigns, data breaches, and a rising number of Artificial Intelligence (AI)-driven deepfake attacks.
Beneath these alarming numbers are persistent and systemic vulnerabilities that are out in the open yet often ignored. Some of them are:
- Low cybersecurity awareness: A significant portion of the population, as mentioned earlier, is in rural parts of the country, where awareness is usually limited to checkbox campaigns. But this is not just a rural or urban problem. Many enterprises in tier 1 and tier 2 cities also lack basic awareness of safer online practices. This makes human error a leading cause of breaches.
- Skill shortage: There is a huge gap between demand and supply for skilled cybersecurity professionals. Universities and the education system in general are now taking note of this.
- Outdated frameworks and resource constraints: Several organisations, particularly MSMEs, struggle with legacy systems and resource limitations. Some core banking functionalities in India also still run on outdated technology, which makes the adoption of advanced security solutions difficult.
- Under-reporting: Reputational damage is the biggest fear businesses and organisations face when it comes to breaches and security incidents. This is the prime reason why several incidents go unreported.
Despite the challenges, India has made significant efforts to match the capabilities of its foreign counterparts. The country is moving towards a multi-layered cybersecurity framework designed to safeguard its digital ecosystem. The Information Technology (IT) Act, 2000, although more than two decades old, has undergone significant amendments. It serves as baseline legislation and governs cybercrime, data protection, and electronic transactions. The law requires organisations handling sensitive personal data of Indian users to follow reasonable security practices and procedures. To further strengthen data governance and give users ownership of their data, the government has also introduced the Digital Personal Data Protection Act, 2023 (DPDP Act). This act not only strengthens individual data privacy rights but also aligns India more closely with global data protection standards such as the European Union's GDPR framework. To support industry-specific incident response, the country also established the Indian Computer Emergency Response Team (CERT-In), which aids organisations with first-hand incident response by collecting, analysing and disseminating threat intelligence. Additionally, the government has established the Indian Cyber Crime Coordination Centre (I4C), which provides added expertise on cybercrime and fraud, and the National Critical Information Infrastructure Protection Centre (NCIIPC), which does the same for threats to critical infrastructure. Other government initiatives like the Cyber Swachhta Kendra offer free tools for malware analysis and botnet tracking, while the National Centre of Excellence (NCoE), in collaboration with DSCI, focuses on cybersecurity technology development and entrepreneurship among the younger generation. India recognises that cyber threats transcend borders and is therefore also actively forging partnerships through Memoranda of Understanding (MoUs), which will help in sharing threat intelligence with allies like the UK, Japan, and the US.
On paper, India's legislative and institutional architecture looks robust and promising; the challenge lies in its consistent and widespread implementation across a diverse and rapidly digitising economy. Regulatory gaps persist, and many businesses are still striving to achieve full compliance with evolving laws. India aspires to build its own capabilities, reduce external dependence, and emerge not just as a leading consumer of digital technologies but also as a trusted global provider of tech products, services, and solutions. The recently drafted National Telecom Policy 2025 (NTP-25) is proof of India's commitment to this. The policy explicitly factors in next-generation technologies like 5G/6G, AI, IoT, and quantum communications, aiming for a 10% global share in 6G-related Intellectual Property Rights (IPR) by 2030. This signals a strategic push towards not just following but setting global standards in critical areas. The journey from ground reality to global leadership in cybersecurity is complex and continuous. It demands sustained investment in talent development, a proactive approach to emerging threats like AI-powered attacks, the widespread adoption of advanced security paradigms like AI-driven threat intelligence, and a cultural shift towards prioritising cybersecurity at every level. India's digital future and its national security hinge on its ability to effectively bridge this crucial gap. This article is authored by Ankit Sharma, senior director and head, solutions engineering, Cyble.