Three-quarters of organizations in India have been affected by ransomware threat this year: report


Ransomware has remained a persistent and pervasive threat to organizations around the world, with India most affected in the Asia-Pacific region, according to a report by cybersecurity firm CrowdStrike, Inc.

According to the CrowdStrike Global Security Attitude Survey 2021, conducted by independent research firm Vanson Bourne, ransomware is a persistent threat, costing businesses almost $ 2 million on average.

India has been the most affected by ransomware in the APAC region, with 76% of them having suffered a ransomware attack this year, compared to 61% in Japan, 64% in Singapore and 67% in Australia.

In addition, 26% of Indian respondents said they paid between $ 1 and $ 2.5 million as a result of ransomware attacks in the past 12 months, compared to 25% in Japan, 14% in Singapore and 42% in Australia. .

In addition, 27% of Indian respondents said they paid between $ 500,000 and $ 1 million in extortion costs in addition to ransomware, compared to 33% in Japan, 29% in Singapore and 19% in Australia.

Globally, according to the survey, the average payment for ransomware increased 62.7% in 2021 (from $ 1.1 million in 2020 to $ 1.79 million in 2021).

The average ransomware payout was $ 1.34 million in EMEA and $ 2.35 million in APAC and $ 1.55 million in the United States.

It was further observed that the average ransom demand from attackers is $ 6 million.

“While attackers don’t quite get the amounts they are looking for, they still earn massive payouts. CrowdStrike attributes this to companies understanding both the threat and their exposure, and their ability to negotiate with attackers.” , indicates the report.

Further, “organizations are almost universally affected by ‘double extortion’, where threat actors not only demand a ransom to decrypt the data, but additionally threaten to disclose or sell the data unless the victims are victimized. pay more money, ”the report says.

The survey showed that 96% of organizations that paid a ransom were forced to pay additional extortion fees, costing companies an average of $ 792,493. Additionally, 66% of companies surveyed have experienced at least one ransomware attack in the past 12 months.

In terms of security, 45% of Indian organizations rated the lack of accurate threat intelligence as a major obstacle to establishing a better security posture against ransomware attacks. This is compared to 36% in Japan, 55% in Singapore and 39% in Australia.

Nation-state attacks

In India, 58 percent of those polled further said they felt most threatened by cyberattacks originating from China, followed by Pakistan (47 percent).

China has been a common threat across all regions with 76% in Japan, 66% in Singapore and 53% in Australia, the report adds.

For 88% of those polled, cyber attacks sponsored by Russia and China “represent a clear and current danger for organizations in India”, compared to 87% in Japan, 86% in Singapore and 78% in Australia.

86% of Indian respondents also highlighted the growing threat of attacks on nation states. 76% of respondents believe the Indian government is taking the necessary action against threat actors to create a safe environment for organizations, compared to 50% in Japan, 62% in Singapore and 61% in Australia.

The report also focused on the ability of organizations to detect threats. 36% of Indian respondents feel able to detect a cyberattack within an hour, compared to 24% in Japan, 33% in Singapore and 36% in Australia.

The main reason given for the inability of Indian organizations to detect incursions was infrastructure. 62% of those surveyed said their security infrastructure is made up of too many disparate solutions that don’t fit together easily for adequate protection and prevention, compared to 47% in Japan, 49% in Singapore and 51% in Australia.

Other concerns for Indian organizations included lack of resources in the cybersecurity department (46%) and challenges with legacy infrastructure (46%).

Software supply chain attacks

The report also focused on software supply chain attacks that have caused significant problems for organizations in recent years and are likely to continue to do so in the future.

56% of Indian companies have experienced a software supply chain attack, compared to 41% in Japan, 36% in Singapore and 49% in Australia.

However, 60% of companies had a comprehensive strategy when their organization suffered its first software supply chain attack, compared to 20% in Japan, 39% in Singapore and 48% in Australia.

Indian organizations also plan to use the following technologies to protect against software supply chain attacks over the next 12 months. Organizations are investing in technologies such as behavioral analysis (36%), threat intelligence (35%) and blockchain technology (35%) for better prevention.

In addition, 80% of Indian organizations said their control process has become more rigorous and more detailed controls are needed as a result of recent large-scale software supply chain attacks such as SolarWinds and / or Sunburst, ”according to the report.

However, 72 percent of Indian respondents said they have complete confidence in the security of their organization’s supply chain.

In addition, 66% of Indian organizations lose trust in legacy IT vendors due to such attacks

“The investigation presents an alarming picture of the modern threat landscape, showing that adversaries continue to exploit organizations around the world and bypass outdated technologies. The current threat environment is costing businesses around the world millions of dollars and causing additional fallout, ”said Michael Sentonas, CTO at CrowdStrike.

“The evolution of the remote workplace is certainly increasing the challenges for businesses as legacy software like Microsoft struggles to keep pace with today’s fast-paced digital world. This clearly shows that companies need to change the way they operate and more rigorously assess the suppliers they work with, ”Sentonas added.

“The threat landscape continues to evolve at a frightening rate and it is evident that modern organizations need a holistic, cloud-native end-to-end platform approach to quickly address and remediate threats.” Sentonas added.

The cybersecurity company further encouraged organizations to strive to adhere to the 1-10-60 rule. According to this rule, “security teams demonstrate their ability to detect threats within the first minute of an intrusion, to investigate and understand the threat within 10 minutes, and to contain and eradicate the threat within 60 minutes”, he explained.

CrowdStrike commissioned independent technology market researcher Vanson Bourne to undertake the quantitative research upon which this white paper is based. A total of 2,200 IT decision makers and IT security professionals were surveyed in September, October, and November 2021, with representation in the US, EMEA, and APAC regions.


Comments are closed.