India is one of the most affected countries in terms of ransomware attacks, according to a global survey by cybersecurity firm Sophos called “The State of Ransomware 2021.”

As per the survey, India tops the list of the 30 countries surveyed for ransomware attacks, with 68 per cent of Indian organisations surveyed being hit by ransomware in the last 12 months.

However, the number of organisations hit by ransomware attacks has come down from 82 per cent in the previous year. 72 per cent of Indian organisations hit by ransomware admitted that data had been encrypted in the most significant ransomware attack, down from 91 per cent in the previous year.

Sunil Sharma, managing director – sales, Sophos India and SAARC, said, “While the proportion of organisations hit by ransomware has declined compared to the previous year, Indian organisations are still far more likely to be hit than those in any other country surveyed. This could be due to the high level of domestic ransomware in India, as seen by SophosLabs, leading to a situation where Indian adversaries are targeting Indian organisations.”


“Furthermore, while the drop in attacks is welcome, it reflects, at least in part, changes in attacker behaviours. At Sophos, we have seen attackers switching to more targeted attacks that include human hands-on keyboard hacking in order to bypass an organisation’s defences. It is harder and more expensive for businesses to recover from these complex attacks, which can leave their operating budgets significantly affected,” added Sharma.

Cost of ransomware

Ransomware attacks have had significant financial repercussions. As per the survey, the average total cost of recovery from a ransomware attack has more than doubled in a year, increasing from $761,106 in 2020 to $1.85 million in 2021 globally. In India, the approximate recovery cost from the impact of a ransomware attack tripled in the last year, up from $1.1 million in 2020 to $3.38 million in 2021.

The survey also highlighted that 67 per cent of Indian organisations whose data was encrypted paid a ransom to get their data back, compared to 66 per cent in the previous year.

“In fact, Indian organisations were the most likely to pay a ransom of all countries surveyed: the global average was just under one third (32 per cent),” the report said.


The average ransom payment in India was $76,619. However, despite paying the ransom, organisations in India could on average retrieve only 75 per cent of their data, compared to a global average of 65 per cent, and only 4 per cent got all their data back.

The survey also found that 86 per cent of Indian organisations believe cyberattacks are now too complex for their IT team to handle on their own, compared to a global average of 54 per cent.

As for the organisations not impacted by ransomware in the last 12 months, 86 per cent expect to become a target. The top reason given for this (57 per cent) is that ransomware attacks are getting increasingly hard to stop due to their sophistication.

“The findings further highlight the brutal fact that paying a ransom to get data restored can be illusory,” Sharma said.

“Using decryption keys to recover information can be complicated as there is no guarantee of success. Ransomware attacks are not going away and it is more important than ever to protect against the attackers’ malicious manoeuvres. If organisations are attacked they don’t need to face this challenge alone. Support is available 24/7 in the form of external security operations centres, human-led threat hunting and incident response services,” Sharma said.

The survey polled 5,400 IT decision-makers in mid-sized organisations in 30 countries across Europe, the Americas, Asia-Pacific and Central Asia, the Middle East, and Africa, including 300 respondents in India.
