India Tops the List of Countries Suffering Ransomware Attacks: What Businesses Can Do Better

According to a recent warning by Microsoft, India tops the list of countries that experienced ransomware attacks. The rate of ransomware attacks globally increased by 102% within the last year. India has topped the list for three consecutive years.

Nearly 68% of the organizations in India have experienced attacks using this type of malware in the last 12 months. Attackers spread ransomware through email, social media and exploit kits and hide malware in very small and simple programs and files on their victim's sites.

According to a 2017 Ransomware Report, India represents a unique opportunity for cybercriminals, given the gap between the low cyber protection level and the extensive use of computers by businesses and individuals alike.

The Sophos India Report

SophosLabs recently found that ransomware in India often targets businesses, families, and students. They recently conducted research showing the impact of ransomware on businesses. In the first phase of the research, 1,000 businesses from 27 countries were surveyed. In the second phase, 110 small and medium-sized Indian businesses were also surveyed to see how they deal with a real attack. The survey revealed that 92% of malware attacks hit small and medium-sized businesses (SMBs) in India.

Although the number of organizations affected by the ransomware attacks is a little lesser than last year, the attacks are still rampant in India.

Sunil Sharma, of Sophos India, said, “While the proportion of organisations hit by ransomware has declined compared to the previous year, Indian organisations are still far more likely to be hit than those in any other country surveyed. This could be due to the high level of domestic ransomware in India, as seen by SophosLabs, leading to a situation where Indian adversaries are targeting Indian organisations.”

“Furthermore, while the drop in attacks is welcome, it reflects, at least in part, changes in attacker behaviours. At Sophos, we have seen attackers switching to more targeted attacks that include human hands-on keyboard hacking in order to bypass an organisation’s defences. It is harder and more expensive for businesses to recover from these complex attacks, which can leave their operating budgets significantly affected,” he added.

Compared to global attacks, Indian organizations are more likely to be hit with ransomware. It’s potentially very damaging to their operations, whether it’s in medical services, public transport, or refineries. Indian businesses need to understand the type of data they are storing, how valuable they are, and implement data protection mechanisms.

Businesses need to invest in better security software solutions so they can defend themselves from the latest cyber-attacks. Most organizations and individuals ignore the importance of backed-up data. Hence when any such ransomware attacks occur, they are forced to pay the attacker or go without the data.

Preventing Ransomware Attacks in India

Even with the advent of new tools and features, businesses remain deeply vulnerable to hackers and cybercriminals. Preventing ransomware attacks starts by creating awareness of cybersecurity threats.

Once businesses and individuals become security-conscious and vividly aware of the dangers of ransomware in India, there will be a decline in its rate.

Staying security-conscious entails knowing the basic security rules to adhere to when using the internet. Not clicking on unknown links, not disclosing personal information over the web, and updating programs regularly are some of the basic rules that can prevent an attack.

Protecting your business from the threat of ransomware requires the latest, most sophisticated security technologies. The best solution is a cybersecurity framework that protects against network threats, user threats, and malware. This is a combination of tools integrated to produce the best security. In this case, businesses should employ an effective combination of gateway solutions with built-in advanced malware prevention and control capabilities.

Endpoint detection and response (EDR) solutions can prevent ransomware attacks by detecting malicious activity at the moment it attempts to enter the network. Despite the importance of IT-based security solutions, the most effective way to minimize cyber risks is by augmenting these solutions with endpoint security tools. These tools provide effective security against ransomware and other malicious files that evade traditional protection mechanisms. Advanced malware protection will stop known threats in their tracks before they can cause harm.

Having a backup system in place is perhaps the most effective way to restore important data if it gets encrypted. Businesses should consider outsourcing their IT infrastructure and storing data on the cloud to avoid ransomware damage. Cloud storage systems provide a level of redundancy that allows companies to recover from ransomware attacks without disrupting their business.

Along with backup systems, businesses should develop a response plan for ransomware attacks that takes into account how employees will respond, what information the business may lose if attacked, and how management should handle an attack if one occurs.

According to Sharma, “Using decryption keys to recover information can be complicated as there is no guarantee of success. Ransomware attacks are not going away and it is more important than ever to protect against the attackers’ malicious manoeuvres.”