The Sophos study reveals that while the ransomware attack rate has dropped in India, the impact has increased over time
Sophos today released its annual “State of Ransomware in India 2024” report. The findings show a decrease in the rate of ransomware attacks against Indian organizations from the 73% reported in last year’s study to 64% in this year’s. However, the impact on victims has intensified, with higher ransom demands and recovery costs compared to the previous year.
The State of Ransomware in India 2024 report findings are derived from an independent survey of 5,000 IT decision makers across 14 countries, including 500 respondents in India. Conducted in January and February 2024, respondents were asked to answer based on their experiences in the previous 12 months. For the first time, Indian organizations were found to be more likely to recover data by paying the ransom (65%) than using backups (52%). The average ransom demand was $4.8 million, with 62% of demands exceeding $1 million. The median ransom paid was $2 million.
Key findings from the India report include:
- 44% of impacted computers on average were encrypted in attacks against Indian victims
- 34% of attacks included data theft in addition to encryption, slightly down from 38% the previous year
- Excluding ransom payments, the average cost to recover from an attack was $1.35 million
- 61% of victims were able to recover data within a week, up from 59% in 2022
- 96% reported the attack to authorities, with 70% receiving investigation assistance
Sunil Sharma, Vice President, Sales, India and SAARC, Sophos, said, “Prevention remains the most cost-effective ransomware strategy. Having solid defense-in-depth cybersecurity with anti-ransomware capabilities, ensuring in-depth defense protection with 24/7 monitoring is critical. At the same time, it is equally important to develop response capabilities, and comprehensive backup and recovery measures. Continually reviewing security posture and incident response plans will also greatly improve an organization’s resilience against these relentless attacks.”
“We must not let the slight dip in attack rates give us a sense of complacency. Ransomware attacks are still the most dominant threat today and are fueling the cybercrime economy. Without ransomware we would not see the same variety and volume of precursor threats and services that feed into these attacks. The skyrocketing costs of ransomware attacks belie the fact that this is an equal opportunity crime,” said John Shier, field CTO, Sophos. “The ransomware landscape offers something for every cybercriminal, regardless of skill. While some groups are focused on multi-million-dollar ransoms, there are others that settle for lower sums by making it up in volume.”
