Ransomware is extortion software designed to lock or encrypt a device or data or a system and then demand a ransom for its release.
This attack follows a simple plan wherein attacker gains access to a device or protected data in the cloud, depending upon the nature of ransomware, it will then lock or encrypt device, data stored in the cloud or the entire internal network of the organisation.
Why are Ransomware attacks a matter of concern:
Indian organisations are repeatedly targeted by the Ransomware attacks. A 2023 study conducted by Sopohs, a cybersecurity company showed that 73% of organisations reported being victims of Ransomware attacks. Out of these 77% organisations reported that attackers succeeded in encrypting data, with 44% paying the ransom to retrieve their data.
Additionally, according to the Indian ransom report released by India’s computer emergency response team a 5% increase in Ransomware attacks was reported in 2022.
Why threat actors target IT organisations:
Threat actors tend to focus their attack on organisations that had valuable data. The more value the data has to the organisation the higher the chances that ransom will be paid.
IT organisation and software vendors held a lot of valuable data including sensitive information like intellectual property. Data held by IT organisation could include personally identifiable data of clients, users, intellectual property, access credentials and financial information.
Which other Indian organisations faced Ransomware attacks:
A US based subsidiary of Infosys was reportedly targeted by Ransomware attack.
Indian drug manufacturer Sun pharma was hot by a cyberattack, a ransom group claimed responsibility for attack impacting the company’s revenue.
In 2022 a ransomware attack crippled the All-India Institute of Medical Science. Hackers reportedly demanded Rs 200 crores in cryptocurrency from the hospital.