Over 78% of organisations in India were targeted by ransomware attacks in 2021, according to a report by cybersecurity firm Sophos. This figure was up from 68% for the previous year.
The State of Ransomware 2022 report also found that Indian organisations hit by ransomware paid US$1.2 million to get their data back. Around 10% of victims paid upwards of US$1 million.
“The ransomware situation in India is worrying,” said Sunil Sharma, Sophos’ managing director, sales, India and SAARC. “The numbers of victims, ransom payments and the impact of these attacks continued to rise during 2021, at considerable cost.”
According to the report, 78% of ransomware victims in India paid the ransom, despite many having other means to recover their data, such as backups. Among the 31 countries covered by the report, India had the highest rate of ransom payment. This sends a signal to cyber criminals that ransomware is a lucrative exploit in this market.
“While the average expense of recovering from an incident declined to US$2.8 million from US$3.4 million in 2020, it remains a significant number that should be sounding alarm bells among management teams of Indian firms,” Sharma said. “In 2021, the percentage of victim organisations directly impacted by ransomware increased from 68% to 78%. Ransomware isn’t something that might happen, it is something that will happen if you haven’t taken the precautions necessary.”
Firms hit by ransomware took around one month to recover from the disruption. Virtually all victims of ransomware took significant losses, with 97% saying the attack impaired their operations, while 92% said they lost business due to the attack.
Uptake of cyber insurance is on the rise in India, with 89% of mid-sized organisations having a cyber policy. For all reported incidents, insurance paid out some or all of the costs incurred, the report said.
The cyber insurance landscape, however, is changing rapidly. Ninety-four per cent of cyber insurance policyholders reported shifts in the market over the past 12 months, such as increased cybersecurity requirements, more complex or more expensive policies, and fewer providers of cyber cover.