73% of Indian firms now report being a ransomware victim

The rate of ransomware attacks has increased in India, with 73 per cent of organisations reporting they were a victim of ransomware in 2023, up from 57 per cent the previous year, a new report said on Wednesday.

73% of Indian firms now report being a ransomware victim
Source: IANS

New Delhi, May 24 (IANS) The rate of ransomware attacks has increased in India, with 73 per cent of organisations reporting they were a victim of ransomware in 2023, up from 57 per cent the previous year, a new report said on Wednesday.

According to cybersecurity company Sophos, about 77 per cent of ransomware attacks against surveyed organisations succeeded in encrypting data, but only 44 per cent paid the ransom to recover their data -- a significant drop from 78 per cent last year.

On a global scale, the report showed that when organisations paid a ransom to decrypt their data, they ended up additionally doubling their recovery costs ($7,50,000 in recovery costs versus $3,75,000 for organisations that used backups to get their data back).

"Although dipping slightly from the previous year, the rate of encryption remains high at 77 per cent, which is certainly concerning. Ransomware crews have been refining their methodologies of attack and accelerating their attacks to reduce the time for defenders to disrupt their schemes," said Chester Wisniewski, field CTO, Sophos.

When the root cause of ransomware attacks was examined, the most common was an exploited vulnerability (in 35 per cent of cases), followed by compromised credentials (in 33 per cent of cases).

Moreover, the report mentioned that in 30 per cent of cases where data was encrypted, data was also stolen, suggesting this "double dip" method (data encryption and data exfiltration) is becoming commonplace.

Globally, the education sector reported the highest level of ransomware attacks, with 79 per cent of higher education organisations and 80 per cent of lower education organisations reporting that they were victims of ransomware.

"Human-led threat hunting is very effective at stopping these criminals in their tracks, but alerts must be investigated, and criminals evicted from systems in hours and days, not weeks and months," said Wisniewski.