Indian Companies Have a Ransomware Vulnerability

A survey of companies by the cybersecurity firm Sophos found that over half of affected Indian respondents, 53 per cent, paid ransomware to hackers to get their data and information back. The median amount paid was US$481,636 or around Rs 4 crore. The survey was done between January and March this year and asked about ransomware attacks that happened earlier. Even those who did pay, had to spend almost US$ 1 million in recovery costs, showing the scale of the problem.

The phenomenon of ransomware indicates how crucial data is to the operations of companies. In an earlier era, when criminals wanted to use ransom as a means of extortion, they would kidnap executives, banking on the company recognising itself as responsible for its employees’ safety. But the crime would not be a threat to the survival of the company. Ransomware brings in that possibility. Usually data is accumulated over the lifetime of the company and if it did not have the foresight to have strong backups which criminals cannot get to, it would find itself handicapped in doing future business.

The easier option is to just pay up, which is why the survey showed such a high compliance rate for the demands. The other characteristic about digital ransoming is the criminal could be physically at any part of the globe, making apprehension near impossible without the coordination of multiple agencies across continents. The solution to ransomware is to have overwhelmingly strong security protocols and backups. The survey showed that awareness is increasing but it is not enough.

cybersecuritydata recoveryIndiaransomwareSophos surveyWeb Exclusive