Ransomware attacks rising in India, says report

Global cyber security major K7 Computing’s Cyber Threat Monitor Report, an analysis of the cyber threat landscape in India, reports a sudden increase in ransomware attacks targeting Indian enterprises during the first quarter of this fiscal.

The report analysed various cyberattacks during the quarter and found that threat actors are increasing the frequency of their attacks with new and sinister strategies. The increase in frequency of attacks has been enabled by ransomware operators offering ransomware as a service to cyber attackers.

Modern ransomware operators have transformed themselves into businesses and are extremely focused on their targets and attacking strategies. Threat actors now operate like high-end software enterprises offering Ransomware as a Service (RaaS).

Modern RaaS solutions come with high-end tools like a dashboard to display attack status in real time, customer helpline, and more. Threat actors are also increasing their advertisements on the dark web, offering a variety of customised attacks.

The report disclosed a 4 per cent increase in the infection rate across the country. Malware in the form of ransomware, Remote Access Trojans and Banking Trojans have been on the rise during the quarter.

City-wise break-up

Chennai, Pune, Ahmedabad and Hyderabad recorded the highest rate of infections amongst Tier-I cities; Guwahati, Jaipur and Jammu had the highest infection rate of 38 per cent each followed by Patna at 35 per cent amongst Tier-II cities.

The attacks were designed to exploit user trust and scam people for financial gain. Threat actors have continued to exploit vulnerabilities in operating systems, application software, and firmware in this quarter.

Zoom and Microsoft Teams were the most at risk. Apart from this, hackers have also taken advantage of salient weaknesses in Windows, Android, iOS, and IoT devices, the release said.

J Kesavardhanan, Founder & CEO of K7 Computing, said “It is an area of significant concern for the country during this critical situation. Cyber attackers have been shifting their aim towards the enterprise market, exploiting the lack of cybersecurity awareness amongst start-ups and SMEs. It is not only a major threat to businesses but also to consumers who are dependent on the internet. Cybercriminals are getting smarter and cyberattacks are becoming more sophisticated. Be it malware, data loss, or hacking, netizens and especially enterprises are at greater risk of becoming victims of cybercrime than ever before.”

“We are also witnessing an increase in phishing attacks due to the panic caused by Covid-19 and offices transitioning their workforce from centralised secure hubs to remote workstations at home. This is particularly challenging for small- and medium-sized businesses that don’t have a full-time IT security professional to monitor and enforce adequate protection,” he added.