A new survey by cybersecurity company Sophos showed that in a majority of ransomware cases in India, cybercriminals exploited existing vulnerabilities to fulfil their agenda
Ransomware incidents have increased in the country while 73 percent Indian organisations said they had been victim to such attacks in 2022. A new survey by a UK-based company showed that Chennai, Bengaluru and Kolkata faced the maximum number of ransomware attacks followed by Delhi and Mumbai.
Cybersecurity company Sophos released the latest report after conducting a survey between January and March, involving 14 countries including India. The team received responses from 3,000 IT or cybersecurity leaders in midsized organisations, including 300 respondents in India.
“With almost three-quarters of Indian organisations reporting that they have been victim to ransomware criminals, a lot of work needs to be done. The key to lowering this number is to work to aggressively lower time taken to detect as well as to respond,” said Chester Wisniewski, field CTO of Sophos.
While presenting the report on Wednesday, Sunil Sharma – the managing director of sales (India and SAARC) at Sophos – said according to the findings, Chennai, Bengaluru and Kolkata are facing the maximum number of ransomware attacks followed by Delhi and Mumbai.
Sharma said there was no particular reason why Chennai, Bengaluru and Kolkata were at the top of the list. In a majority of ransomware cases in India, cybercriminals exploited existing vulnerabilities to fulfil their agenda. In 35 percent of such cases, hackers invaded the system by exploiting vulnerabilities; and in 33 percent cases, compromised credentials were found to be the root cause.
“If an attacker finds some vulnerabilities in an infrastructure, they try to go through those holes to enter the organisation,” Sharma said.
He added: “In another survey, it was found that people were using the same password they received during registration and deployment. They didn’t even bother to change that.”
The Sophos report also highlighted that hackers used other methods like malicious emails, phishing and brute-force attacks to get access. Additionally, it also showed that among the companies that were attacked, in 77 percent of them, the hackers encrypted the data while in 38 percent cases, they stole data. While 44 percent of those that had data encrypted in India paid the ransom, less than 50 percent of respondents, whose organisation paid the ransom, shared the exact amount.
But in terms of data recovery, backups remain the most common method and 73 percent of respondents used this method. But 85 percent of private sector companies in India said the attack caused them to lose business or revenue.
“Laws always enforce governance, which in my opinion is always positive. So laws like the Digital India Act and Digital Personal Data Protection Bill, which are going to be tabled, are going to impact organisations in the right way,” Sharma said, talking about the effect of these laws on the Indian ecosystem.
The official further spoke about the awareness in India about such digital threats. “Lot of people are aware of cybersecurity issues and what type of protection they should use for their devices. But considering the huge population of the country, I believe that there is still a long way to go,” he added.