Indian organisations that paid the ransom got back, on average, 75 per cent of their data - compared to a global average of 65 per cent - and only 4 per cent got all their data back.
About 67 per cent of Indian organisations whose data was encrypted paid a ransom to get back their data–a slight increase on the previous year when 66 per cent paid a ransom.
In fact, Indian entities were the most likely to pay a ransom of all countries surveyed: the global average was just under a third (32 per cent).
These were the findings of the global survey ‘The State of Ransomware 2021’ conducted by cybersecurity firm Sophos.
The survey findings further stated that the total cost of recovery from a ransomware attack has more than doubled in a year, increasing from $761,106 in 2020 to $1.85 million in 2021 globally.
In comparison, the survey found that in India, the approximate recovery cost from the impact of a ransomware attack tripled in the last year, up from $1.1 million in 2020, to $3.38 million in 2021.
The average ransom payment in India was $76,619.
However, paying up often doesn’t pay off: Indian organisations that paid the ransom got back, on average, 75 per cent of their data (compared to a global average of 65 per cent) and only 4 per cent got all their data back.
Adding his thoughts, Sunil Sharma, managing director–sales, Sophos India and SAARC, said, “While the proportion of organisations hit by ransomware has declined compared to the previous year, Indian organisations are still far more likely to be hit than those in any other country surveyed.
This could be due to the high level of domestic ransomware in India, as seen by SophosLabs, leading to a situation where Indian adversaries are targeting Indian organisations.”
“Furthermore, while the drop in attacks is welcome, it reflects, at least in part, changes in attacker behaviors.
"At Sophos, we have seen attackers switching to more targeted attacks that include human hands-on-keyboard hacking in order to bypass an organisation’s defenses
"It is harder and more expensive for businesses to recover from these complex attacks, which can leave their operating budgets significantly affected,” added Sharma.
The survey polled 5,400 IT decision makers in mid-sized organisations in 30 countries across Europe, the Americas, Asia-Pacific and Central Asia, the Middle East, and Africa, including 300 respondents in India.
The survey also found that 86 per cent of Indian organisations believe cyberattacks are now too complex for their IT team to handle on their own, compared to a global average of 54 per cent.
Additionally, the findings revealed that of the organisations in India not hit by ransomware in the last 12 months, the overwhelming majority (86 per cent) expect to become a target.
The top reason given for this (57 per cent) is that ransomware attacks are getting increasingly hard to stop due to their sophistication.
“The findings further highlight the brutal fact that paying a ransom to get data restored can be illusory,” added Sunil Sharma.
“Using decryption keys to recover information can be complicated as there is no guarantee of success.
"Examples such as the recent DearCry and Black Kingdom attacks show that attacks launched with low quality or hastily compiled code and techniques could make data recovery difficult, if not impossible.
"Ransomware attacks are not going away and it is more important than ever to protect against the attackers’ malicious maneuvers.
"If organisations are attacked they don’t need to face this challenge alone.
"Support is available 24/7 in the form of external security operations centers, human-led threat hunting and incident response services.”
|India's ransomware story in numbers
* 68% of Indian organisations surveyed were hit by ransomware in the last 12 months, down from 82% the previous year
* 67% of Indian organisations paid a ransom to get their data back, double the global average of 32%
* However, entities in India that paid ransom got back on average only 75% of their data
* Approximate cost for an entity to recover from the impact of a ransomware attack rose threefold in the past 12 months, from $1.1 million in 2020 to $3.38 million in 2021
* Of the organisations in India not hit by ransomware in the last 12 months, the overwhelming majority (86%) expect to become a target.
* 86% of Indian organisations believe cyberattacks are now too complex for their IT team to handle on their own, compared to a global average of 54%