Credits: Wikimedia Commons

As the world around us gets more and more ‘digital’ by the day, the problems and dangers increase exponentially. Not only can your data be stolen and misused, but you may be unable to operate your computer unless you pay a certain sum to the hackers who have held you at ransom. According to a study by cybersecurity firm Sophos, India is one of the most affected countries in terms of ransomware attacks (68% of Indian organizations surveyed being hit by ransomware in the last 12 months), and the average total cost of recovery from a ransomware attack has more than doubled in a year from $761,106 in 2020 to $1.85 million in 2021. Additionally, the approximate recovery cost from the impact of a ransomware attack tripled from $1.1 million in 2020 to $3.38 million in 2021.

The survey by Sophos, which included 5,400 IT decision makers in mid-sized organizations (in 30 countries across Europe, the Americas, Asia-Pacific and Central Asia, the Middle East, and Africa, including 300 respondents in India), also revealed that only a meagre 4% of Indian organizations who paid the ransom got the entirety of their data back, while most organizations retrieved 75% of their data. The survey has also revealed that 67% of Indian organizations whose data was encrypted paid a ransom to get back their data, an increase of 1%, and significantly higher than the global average of 32%. The average ransom payment in India has been calculated at $76,619.

“While the proportion of organizations hit by ransomware has declined compared to the previous year, Indian organizations are still far more likely to be hit than those in any other country surveyed,” said Sunil Sharma, managing director-sales, Sophos India and SAARC.

He added that while the drop in attacks is welcome, it reflects, at least in part, changes in attacker behaviors. Attackers have been switching to more targeted attacks that include human hands-on keyboard hacking in order to bypass an organization’s defenses, according to Sharma and it is becoming harder and more expensive for businesses to recover from these complex attacks, which can leave their operating budgets significantly affected.

Unfortunately, 86% of Indian organizations are of the opinion that cyberattacks have become too complex today for their IT team to handle on their own, compared to a global average of 54%.

While this is concerning, the India organizations which have not been victims of the ransomware attacks to date are not out of the woods yet. In fact, 86% of such organizations can become the next target, since ransomware attacks are getting increasingly hard to stop due to their sophistication. In fact, 72% of Indian organizations have admitted that data had been encrypted in the most significant ransomware attack.

Why are Indian organizations more at risk than others? It is because of the high level of domestic ransomware in India, leading to a situation where Indian adversaries are targeting Indian organizations.

Ransomware attack have become more and more sophisticated as the people behind them evolve constantly to bypass security and hold organizations at ransom, and there is no guarantee of recovering all the data even after the ransom is paid. “Ransomware attacks are not going away and it is more important than ever to protect against the attackers’ malicious maneuvers. If organizations are attacked they don’t need to face this challenge alone. Support is available 24/7 in the form of external security operations centers, human-led threat hunting and incident response services,” Sharma said.