India is 10th in the world by ransomware attacks, new research by cybersecurity company NordLocker reveals.
The new study analyzed numerous databases of ransomware incidents that affected over 5,000 companies worldwide. With a collective revenue of Rs 330.9 trillion, the companies under investigation produce more value than Germany’s entire GDP.
The research was conducted with the purpose of discovering which companies are at the highest risk of being targeted by ransomware. Apart from the geographic variable, researchers looked at factors such as which ransomware groups are the most active, the most affected industries, company revenue, & employee count.
“Ransomware is a type of cyberattack that forces a company’s operations to a halt by taking possession of its most crucial & sensitive files & demanding a ransom from the company to get the data back. This type of attack is extremely effective. In the past few years, cases have grown exponentially, while cybersecurity awareness has failed to catch up,” says Tomas Smalakys, NordLocker’s CTO, in a press release.
Tech/IT is the top industry to be hit by ransomware in India
Nordlocker’s research found that out of 18 industries identified, tech/IT (23.4% of all attacks), manufacturing (10.9%), consumer services (9.4%), finance (9.4%), & energy (6.3%) industries are the most likely to be hit by ransomware in India.
“Ransomware gangs usually decide who their next target is based on two criteria. The first one is how likely the targeted company is to pay up, which is weighed by looking at variables such as the company’s importance in supply chains, the quantity of confidential information that it handles, & other factors that, in the case of an attack, put pressure on the company to get operations back up & running. The second criteria is more straightforward & primarily deals with the depth of the company’s pockets & how lacking in cyber defenses their business is,” says NordLocker’s Tomas Smalakys. “When you look at the data through this lens, you see why certain industries are more affected than others.”
Small businesses beware
Business size is another major indicator of how likely a business is to be targeted by a ransomware attack. In India, small-sized businesses (up to 500 employees) are at the highest risk, accounting for more than half of all attacks (54.7%). Companies with an employee count of between 201-500 are the victims of 22.60% of attacks, & those with between 1,001-5,000 employees are victims of 17% of ransomware hacks, while those with between 51-200 deal with 17% of attacks as well.
“Small businesses are top targets for ransomware gangs because, for them, cybersecurity is often an afterthought. Smaller companies justifiably prioritize growing their operation, leaving cybersecurity on the sidelines. This, combined with the usually thin profit margins small businesses endure, makes them not only easy to hack but very likely to pay up as well, because they do not have the funds to sustain a prolonged halt to operations,” says Tomas Smalakys.
What else did the research find?
- Among the affected organizations are some of the most influential institutions worldwide, including a a multinational steel making company & an Indian pharmaceutical giant with billions in revenue
- LockBit & Ragnar Locker are the most active ransomware gangs in India, responsible for 13% and 7.80% of attacks, respectively.
- 17% of ransomware attacks in India attack businesses that have over 80 billion ₹ in annual revenue. However, most often ransomware in India targets companies with annual revenue between 8₹ to 40₹ billion (41.5%)
- 11.3% of ransomware attacks in India target companies that employ more than 10,000 employees
- 21% of attacks in India target companies that are publically traded
