Ransomware attacks against Indian organisations dropped to 64 per cent this year from 73 per cent reported last year, according to a cybersecurity solutions provider Sophos study. The annual ‘State of Ransomware in India 2024′ report released by the firm further stated that while the number of firms may have gone down, the impact on victims has grown more severe, with heightened ransom demands and recovery costs compared to the prior year.
Sophos’ survey is derived from an independent survey of 5,000 IT decision-makers across 14 countries, including 500 respondents in India. The findings reflect experiences collected between January and February 2024, where respondents were asked to respond based on the last 12 months.
For the first time, Indian organisations were found to be more inclined to recover data by paying the ransom (65 per cent) rather than utilising backups (52 per cent). The average ransom demand stood at $4.8 million, with 62 per cent exceeding $1 million and a median ransom payment of $2 million.
Around 44 per cent of impacted computers were encrypted in attacks against Indian victims, with 34 per cent of attacks involving data theft in addition to encryption. Excluding ransom payments, the average recovery cost was $1.35 million, and 61 per cent of victims restored data within a week, an increase from 59 per cent in 2022. Moreover, 96 per cent reported the attack to authorities, with 70 per cent receiving investigation assistance.
Global findings from the report found that only 24 per cent of ransom payers remit the originally requested amount, with 44 per cent paying less than the initial demand. The average ransom payment equated to 94 per cent of the initial demand. In over 80 per cent of cases, ransom funding came from various sources, with organisations covering 40 per cent and insurance providers 23 per cent.
