Indian Firms Witnessed 2.35 Lakh Ransomware Attacks In 2023: Report
Major ransomware groups such as Fonix and LockBit targeted global as well as Indian organisations in various sectors from January to December 2023.
Indian organisations, after reporting 235,472 ransomware incidents in 2023, are likely to witness higher levels of such attacks in 2024, according to a recent report by cybersecurity solutions company Kaspersky.
Major ransomware groups such as Fonix and LockBit targeted global as well as Indian organisations in various sectors including healthcare, manufacturing, government, power and utility, telecom and retail from January to December 2023. In most incidents, malicious software affected servers.
Security experts at Kaspersky said that ransomware attacks are becoming more common in India after causing disruptions globally.
Indian manufacturing, retail, agricultural, media and healthcare sectors were the primary targets of the Fonix ransomware group, which ran the attack as ransomware-as-a service, the Kaspersky report showed. Another ransomware group that targeted major Indian businesses was LockBit, infecting Windows and Apple systems.
“The era of widespread mass attacks by encryptors on both individuals and businesses is gradually fading away. Instead, we are witnessing a shift towards organised groups that execute hacks involving data theft and encryption, commonly referred to as double extortion,” said Fedor Sinitsyn, lead malware analyst at Kaspersky.
“The rationale behind this evolution lies in the perpetrators’ ability to operate with greater efficiency, thereby enabling them to demand significantly higher ransom sums,” added Sinitsyn.
Jaydeep Singh, Kaspersky general manager for South Asia, said researches conducted by the firm have shown that India is consistently among the top 12 targeted countries and territories for advanced persistent threats.
“For three years in a row, file encryption has been the top problem faced by enterprises and organisations worldwide and in India. From the basic ransomware attacks like the Wannacry in 2017, we have reached the era of Ransomware 3.0 where we see triple extortion in the form of distributed denial-of-service, reselling of data and public blackmailing. This form of attack has a wider impact on the financial and reputation aspect of Indian companies,” Singh said.
The report suggested that organisations, regardless of shape and size, should increase the level of their IT security posture as ransomware, especially the targeted type, continues to be damaging for organisations.
“We predict that in 2024, ransomware attacks on big organisations will become even more prevalent. Threats like extortion, operation disruption and data theft and leak will become more and more common. As a result, enterprises and organisations need to look into cybersecurity technologies that provide absolute anti-ransomware effectiveness in third-party exams,” Singh said.