73% of Indian companies victims of ransomware; Chennai, Bengaluru, Kolkata Top Picks for Hackers
Ransomware cases are on the rise in the country, with 73 percent of Indian organizations reporting being victims of such attacks in 2022. A new study by a UK-based firm found that Chennai, Bengaluru and Kolkata faced the highest number of ransomware attacks, followed by Delhi and Mumbai.
Cyber security company Sophos released the latest report after conducting a survey between January and March involving 14 countries, including India. The team received responses from 3,000 IT or cybersecurity leaders at mid-sized organizations, including 300 respondents from India.
“Nearly three-quarters of organizations in India report being victimized by ransomware criminals, so there’s a lot of work to be done. The key to reducing this number is to aggressively reduce the time it takes to detect and respond,” said Chester Wisniewski, CTO, Sophos.
Presenting the report on Wednesday, Sunil Sharma – head of sales (India and SAARC), Sophos – said the findings show that Chennai, Bengaluru and Kolkata face the highest number of ransomware attacks, followed by Delhi and Mumbai.
Sharma said there was no particular reason why Chennai, Bengaluru and Kolkata topped the list. In most of the ransomware cases in India, cybercriminals exploited existing vulnerabilities to fulfill their goals. In 35 percent of such cases, hackers attacked the system by exploiting vulnerabilities; and in 33 percent of cases, the root cause was found to be compromised user data.
“If an attacker finds vulnerabilities in the infrastructure, he will try to go through those holes to get into the organization,” Sharma said.
He added: “Another study found that people used the same password they were given during registration and deployment. They didn’t even bother to change it.”
The Sophos report also highlighted that hackers used other methods such as malicious emails, phishing and brute force attacks to gain access. In addition, it also showed that in 77% of the companies attacked, hackers encrypted data and in 38% of cases they stole data. While 44 percent of those whose data was encrypted in India paid the ransom, less than 50 percent of respondents whose organization paid the ransom shared the exact amount.
But in terms of data recovery, backup remains the most common method, with 73 percent of respondents using this method. But 85 percent of India’s private sector companies said the attack caused them a loss of business or revenue.
“Laws always supervise the administration, which I think is always positive. So laws like the Digital India Act and the Digital Personal Data Protection Bill, which are going to be tabled, will impact organizations in the right way,” Sharma said while talking about the impact of these laws on the Indian ecosystem.
The official further spoke about India’s awareness of such digital threats. “Many people are aware of cyber security issues and what kind of protection they should use for their devices. But given the huge population of the country, I think there is still a way to go,” he added.
Read all the Latest Tech News here.