Indian companies paid Rs 8 crore on average to fix ransomware, says report

Topics Hackers | cybercrimes

Cybercriminals are targeting US cash machines with tools that force them to spit out cash, known as “jackpotting”
Indian companies paid more than Rs 8 crore ransom on average to fix ransomware attacks on their operations, a new report said on Tuesday.

As many as 82 per cent Indian companies were attacked in the past 12 months--a 15 per cent increase from 2017, said the report called 'The State of Ransomware 2020' conducted by Sophos, a global cybersecurity company. Ransomware is a form of malicious software that locks and encrypts a victim’s computer or device data and then demands a ransom to restore access, according to

Two out of three organisations hit by ransomware in India admitted paying the ransom. Data was encrypted in 91 per cent of attacks that successfully breached an organisation in India. The average cost of addressing the impact of such an attack in India, including business downtime, lost orders, operational costs, and more, was a little over Rs 8 crore.

Delhi topped the list as 85 per cent organisations in the national capital were hit by ransomware attacks in the past 12 months, followed by Bengaluru (83 per cent) and Kolkata (81 per cent).

At fourth spot was Mumbai-based firms (81 per cent), Chennai (79 per cent) at sixth place and Hyderabad (74 per cent) seventh, according to the survey that polled 5,000 IT decision makers in organisations in 26 countries across six continents.

According to Chester Wisniewski, principal research scientist at Sophos, organisations may feel intense pressure to pay the ransom to avoid damaging downtime.

"On the face of it, paying the ransom appears to be an effective way of getting data restored, but this is illusory. Paying the ransom makes little difference to the recovery burden in terms of time and cost," he said.

This could be because it is unlikely that a single magical decryption key is all that's needed to recover.

"Often, the attackers may share several keys and using them to restore data may be a complex and time-consuming affair," said Wisniewski.

According to the report, only 8 per cent of victims in India were able to stop the attack before their data could be encrypted, compared with a global average of 24 per cent.

Globally, the average cost of recovery is $1.4 million if organisations pay the ransom and $730,000 if they don't. 
Every organisation in India that paid the ransom got their data back, although this was not always the case elsewhere.

"An effective backup system that enables organizations to restore encrypted data without paying the attackers is business critical, but there are other important elements to consider if a company is to be truly resilient to ransomware," said Wisniewski.

Business Standard is now on Telegram.
For insightful reports and views on business, markets, politics and other issues, subscribe to our official Telegram channel