Ransomware have targeted around 82% Indian organizations in the last 12 months, compared with 67% in 2017, cybersecurity firm Sophos has said in its global report.
The attacks cost Indian organisations an average of Rs. 80 crore as they addressed its impact, which included business downtime, lost orders and operational costs, Sophos said in its report ‘The State of Ransomware 2020’.
Around 8% of targeted organisations in India were able to stop the attack before attackers could encrypt their data, compared to the global average of 24%. About 66% of organizations whose data was encrypted had to pay the ransom. However, 29% of IT managers managed to recover their data from backups without giving in to the demands of attackers, the report stated.
“On the face of it, paying the ransom appears to be an effective way of getting data restored, but this is illusory. Our findings show that paying the ransom makes little difference to the recovery burden in terms of time and cost,” said Chester Wisniewski, principal research scientist, Sophos.
Wisniewski said, this is because it is unlikely that a single decryption key is all that’s needed to recover. Often, the attackers share several keys and trying each of them to restore data can be a time taking process, leading to more downtime.
Most organisations that were targeted by ransomware were located in metros or larger cities such as Delhi (85%), Bengaluru (83%), Kolkata (81%), Mumbai (81%), Chennai (79%) and Hyderabad (74%).
Organisations in the public sector were least affected by ransomware globally, with just 45% reporting such an incident. However, getting data back even after paying the ransomware was a problem that many faced, particularly those in public sector. The reports stated that 5% of public sector organizations paid the ransom yet didn’t get the data back and 13% of the public sector organizations never managed to get back their encrypted data.
All Indian organizations that paid the ransom got their data back, the report states.
The Sophos survey interviewed 5,000 IT decision makers in organizations across 26 countries in January and February.
IT major Cognizant was hit by the Maze ransomware attack in April leading to service disruptions for its clients. Cognizant expects the attack to negatively impact its Q2 revenue, resulting in loss of somewhere between $50 million and $70 million.