“Continually reviewing security posture and incident response plans will also greatly improve an organization’s resilience against these relentless attacks,” said Sunil Sharma, Vice President, Sales, India, and SAARC, Sophos.
NEW DELHI, India, May 14, 2024: Sophos, a global leader in innovative cybersecurity solutions that provide protection against cyberattacks, today released its annual “State of Ransomware in India 2024” report. The findings show a decrease in the rate of ransomware attacks against Indian organizations from the 73% reported in last year’s study to 64% in this year’s. However, the impact on victims has intensified, with higher ransom demands and recovery costs compared to the previous year.
The State of Ransomware in India 2024 report findings are derived from an independent survey of 5,000 IT decision-makers across 14 countries, including 500 respondents in India. Conducted in January and February 2024, respondents were asked to answer based on their experiences in the previous 12 months. For the first time, Indian organizations were found to be more likely to recover data by paying the ransom (65%) than using backups (52%). The average ransom demand was $4.8 million, with 62% of demands exceeding $1 million. The median ransom paid was $2 million.
Key findings from the India report include:
- 44% of impacted computers, on average, were encrypted in attacks against Indian victims.
- 34% of attacks included data theft in addition to encryption, slightly down from 38% the previous year.
- Excluding ransom payments, the average cost to recover from an attack was $1.35 million.
- 61% of victims were able to recover data within a week, up from 59% in 2022.
- 96% reported the attack to authorities, with 70% receiving investigation assistance.
“Prevention remains the most cost-effective ransomware strategy. Having solid defense-in-depth cybersecurity with anti-ransomware capabilities and ensuring in-depth defense protection with 24/7 monitoring is critical. At the same time, it is equally important to develop response capabilities and comprehensive backup and recovery measures,” said Sunil Sharma, Vice President, Sales, India, and SAARC, Sophos. “Continually reviewing security posture and incident response plans will also greatly improve an organization’s resilience against these relentless attacks.”
Additional key global findings from the report include:
- Less than one-quarter (24%) of those who pay the ransom hand over the amount originally requested, and 44% of respondents reported paying less than the original demand.
- The average ransom payment came in at 94% of the initial ransom demand.
- In more than four-fifths (82%) of cases, funding for the ransom came from multiple sources. Overall, 40% of total ransom funding came from the organizations themselves and 23% from insurance providers.
- 94% of organizations hit by ransomware in the past year said that the cybercriminals attempted to compromise their backups during the attack, rising to 99% in both state and local governments. In 57% of instances, backup compromise attempts were successful.
- In 32% of incidents where data was encrypted, data was also stolen—a slight lift from last year’s 30%—increasing attackers’ ability to extort money from their victims.
John Shier, field CTO, Sophos, said, “We must not let the slight dip in attack rates give us a sense of complacency. Ransomware attacks are still the most dominant threat today and are fueling the cybercrime economy. Without ransomware, we would not see the same variety and volume of precursor threats and services that feed into these attacks. The skyrocketing costs of ransomware attacks belie the fact that this is an equal-opportunity crime. The ransomware landscape offers something for every cybercriminal, regardless of skill. While some groups are focused on multi-million-dollar ransoms, there are others that settle for lower sums by making it up in volume.”
Sophos recommends the following best practices to help organizations defend against ransomware and other cyberattacks:
- Understand your risk profile with tools such as Sophos Managed Risk, which can assess an organization’s external attack surface, prioritize the riskiest exposures, and provide tailored remediation guidance.
- Implement endpoint protection that is designed to stop a range of evergreen and constantly changing ransomware techniques, such as Sophos Intercept X.
- Bolster your defenses with round-the-clock threat detection, investigation, and response, either through an in-house team or with the support of a Managed Detection and Response (MDR) provider.
- Build and maintain an incident response plan, as well as make regular backups and practice recovering data from backups.
Read the State of Ransomware 2024 report for global findings and data by sector.
Also read: Unveiling the Ethical Imperatives: Navigating the Intersection of AI and Cybersecurity
Do Follow: CIO News LinkedIn Account | CIO News Facebook | CIO News Youtube | CIO News Twitter
About us:
CIO News is the premier platform dedicated to delivering the latest news, updates, and insights from the CIO industry. As a trusted source in the technology and IT sector, we provide a comprehensive resource for executives and professionals seeking to stay informed and ahead of the curve. With a focus on cutting-edge developments and trends, CIO News serves as your go-to destination for staying abreast of the rapidly evolving landscape of technology and IT. Founded in June 2020, CIO News has rapidly evolved with ambitious growth plans to expand globally, targeting markets in the Middle East & Africa, ASEAN, USA, and the UK.
CIO News is a proprietary of Mercadeo Multiventures Pvt Ltd.