- 4 to 5 Months – Time attackers spend studying vulnerabilities before making ransomware attack
- 55% enterprises hit by a ransomware attack were ignorant
- Almost 60% of ransomware attacks in India go unreported
- Nearly 70% of attackers demand ransom via Crypto Currencies; Bitcoin remains the top mode of payment
New Delhi, 7 August 2024: Indian enterprises are dealing with an all-pervasive threat of ransomware attacks with 8 out of 10 enterprises confirming they have experienced such attacks in recent months, a new survey by leading enterprise IT analyst firm Think Teal has revealed. Almost 40% of large enterprises have been a victim of Phishing email-led attack. Also, 92% of all enterprises surveyed said they believe operational disruption would be a major impact of a ransomware attack on their business.
The survey findings are based on interviews with over 278 CIOs and IT decision-makers of large enterprises and are part of Think Teal’s “Tealscope State of Ransomware in India, 2024” report. These enterprises each have a minimum of 500 employees and represent diverse industry verticals, including BFSI, IT, ITeS, Manufacturing, Government, Media, Healthcare and Retail, among others.
Ransomware is a special category of cyberattacks in which threat actors lock organizations out of their own data until a ransom is paid. Ransomware attacks have emerged as the most frequently carried out attacks on Indian business entities.
The report’s findings also underline the twin criticality of data for modern enterprise. While 78% business leaders agree that “data” is what gives a company a competitive advantage, data-driven enterprises also face heightened risks with a 10-fold increase in susceptibility to ransom demands. Further, nearly 70% of attackers demand ransom via cryptocurrencies, and nearly five out of ten times the ransom is paid via Bitcoin.
“Ransomware attacks pose a significant and evolving threat to organizations across India, requiring a multifaceted approach to cybersecurity. It is imperative for modern, data-driven enterprises to prioritize proactive measures such as comprehensive employee training, robust backup and recovery strategies, and collaboration with trusted cybersecurity partners,” says Apalak Ghosh, Founder and Chief Analyst, Think Teal.
The report also notes that while 53% of organizations have no or weak incident response plan to handle Ransomware attacks, enterprises with large networks or IT infrastructure in India spend an average of 9-10 days for restoration after a ransomware attack. Additionally, 80% of business leaders agree that ransomware attacks make them lose business’ credibility or reputation.
“The findings of our report underscore the urgent need for organizations to fortify their defences against ransomware attacks. As cyber threats continue to evolve, proactive measures such as increased investment in specialized security tools as well as cyber insurance, leveraging managed services, and prioritizing employee education are crucial for safeguarding against these pervasive threats,” says Nithin Uttarkar, Associate Director at Think Teal.
The report notes that professional criminals (68%) and state-sponsored attackers (15%) play a primary role in ransomware attacks in India. Separately, nearly 55% of organizations who are hit by a ransomware attack in the past were ignorant about the attacks and thought such attacks would not happen to their organization. Further, 47% business leaders surveyed for the report agree that their strategies do not evolve or have not evolved as attacks grow more sophisticated.