There has been an alarming rise in ransomware breaches globally, including in India, which increased by 13 per cent in the past year, representing a jump greater than the past 5 years combined according to the “Verizon Business 2022 Data Breach Investigations Report (2022 DBIR)”.
The report analysed 23,896 security incidents, of which 5,212 were confirmed breaches.
Heightened geopolitical tensions are driving increased sophistication, visibility, and awareness around nation-state affiliated cyber-attacks.
“The continued explosion of connected devices and widespread digitisation in multiple sectors has increased the likelihood of cyberattacks, especially ransomware,” said Anshuman Sharma, Head Investigative Response, APJ, Verizon.
While the pandemic led to a rise in ransomware attacks, the inaction, or the delay in the implementation of technical and infrastructure changes in the new normal has made organisations more vulnerable.
“The emergence of Ransomware as a Service (RaaS) and the adoption of cryptocurrency could be a contributing factor as well,” Sharma added.
“Roughly 4 in 5 breaches can be attributed to organised crime, with external actors approximately 4 times more likely to cause breaches in an organisation than internal actors,” the findings showed.
Involvement of the human element
The human element was involved in 82 per cent of all breaches analysed over the past year and about 25 per cent of total breaches in the report were the result of social engineering attacks.
As India Inc across industries adopts a hybrid work model, new security challenges and complexities continue to emerge.
“India can be transformed into a digitally-empowered society and address the emerging challenges within the technology space if organisations invest more in security along with the government’s robust cybersecurity strategy and approach,” Sharma concluded.
According to a recent report by Sophos seven out of ten (78 per cent) Indian organisations were hit with ransomware attacks last year, up from 68 per cent in 2020.
The average ransom paid by the Indian organisations that had data encrypted in their most significant ransomware attack was $1,198 475, with 10 per cent of victims paying ransoms of $1 million or more.