Two-Thirds of Indian Firms Have been Targeted with Ransomware

Mar 17, 2018


Sophos has issued a new State of Enterprise Safety Report that provides insight into the key dangers faced by companies all over the world.

The report was based on a survey carried out on 2,700 IT managers located in 10 countries (USA, Germany, UK, France, Japan, Canada, South Africa, India, Mexico, and Australia).

Among of the main points from the report is the level to which Indian companies are being attacked and just how susceptible Indian businesses are to ransomware and malware attacks. The report discloses over two-thirds of Indian businesses have faced a ransomware attack – considerably more than companies located in other countries. Further, instead of shoring up defenses to safeguard against future attacks, several Indian companies have remained susceptible. One-third of companies in India have faced two or more ransomware attacks in the last year.

The cost of alleviating ransomware attacks is substantial. The Sophos report shows 3% of businesses have spent over $13.74 million alleviating ransomware attacks, with Indian businesses having spent the most – $1.17 million.

Sophos notices that the international average for infected appliances is 46.09%, though in India it is 54%. Attacks are also being targeted on particular industry subdivisions, with healthcare the most targeted and most susceptible sector. 76% of attacks were carried out on healthcare companies.

So why India is so susceptible to ransomware attacks? As per to the survey, it is not because of operating out-of-date software. Most Indian companies asserted they keep their software and operating systems completely patched and modern. Sophos proposes that the high occurrence of ransomware attacks is because of 70% of Indian companies failing to use anti-exploit expertise.

Ransomware attacks have become far more advanced over the past year with danger actors now using several ransomware variations and attack methods at the same time to maximize the possibility of success. Sophos informs that campaigns have been classified that involve four different ransomware groups. Cybersecurity solutions must find out all four variations, though, in many instances, one slips past safety defenses.

Threat actors are also not depending on spam electronic mail alone to install hateful software. In addition to using many malware variations, several attack methods are used like as abusing RDP, using spam electronic mail, and carrying out web-based attacks. The use of several malware variations and attack methods maximizes the possibility of danger actors discovering at least one gap in safety defenses.

Sophos also notices that the rise in BYOD adoption, use of the cloud, and spread of IoT appliances has widened the attack surface substantially which makes it simpler for cybercriminals and tougher for businesses to protect against attacks.