You are here: Home » Technology Ā» News
Business Standard

What can India Inc do to combat ransomware threat?

Flight operations of SpiceJet were hit after a ransomware attack recently. At least seven out of 10 Indian companies suffered from such attack last year. What can India Inc do to combat this threat?

Topics
ransomware | Ransomeware cyber attack | Hacker

Bhaswar Kumar  |  New Delhi 



hacking, hackers, cyberfraud, cyber security, cyber threat, digital, e-commerce, e-firms, payment, online, privacy, data breach

ALSO READ

TMS Ep138: Oscars for OTT, Baroda BNP Paribas Mutual Fund, IPO, ransomware

What is ransomware?

TMS Ep172: Power outages, Campbell Wilson, markets, EV range anxiety

TMS Ep91: 5G & flight safety, Mrutyunjay Mohapatra, markets, Budget

TMS Ep155: Power crisis, K Srinath Reddy, real estate, Swiss banks

  • Hundreds of fliers spent restless hours at Indian airports Wednesday morning after aircraft of Spicejet came to a standstill.

    Some took to social media platforms to register their ordeal, claiming that they were stranded for hours without a word from the private airline.

    Spicejet came out with a clarification later, and said that it had faced an “attempted attack”. It also said that services were resumed in a few hours after its IT team contained the situation. But not before it gave Spicejet brass some really scary moments.

    One of the tweets written in response to Spicejet’s announcement in a way highlighted most firm’s stand on cyber-security. It is more of defensive, than pre-emptive.

    What is

    * is a type of malware that hacks and prevents you from accessing your files or system

    *It demands that you pay a ransom in order to regain access

    *Ransomware employs encryption to hold the victim’s information at ransom

    *Your critical data gets encrypted so that you cannot access files, applications, and databases

    Ransomware is a malicious software which blocks access to a computer system. The hackers give access or the inscription key in lieu of money.

    In April, Oil India reportedly suffered a cyber-attack that disrupted its operations in Assam. The PSU major had also received a ransom demand of over USD 75,000,00 from the hackers – who had asked for the equivalent amount in bitcoins.

    In the subsequent police complaint, an OIL official said that the company and the government exchequer had incurred a huge financial loss due to the ransomware.

    And this seems to be the tip of the iceberg. Cybersecurity firm Sophos said in a recent report that around 78 per cent of Indian organisations that were surveyed had been hit by ransomware in 2021.

    The survey examined the impact of ransomware on 5,600 mid-sized organisations in 31 countries. This included 300 organisations from India.

    And it found that in 2021, 78 per cent of Indian organisations that had their data encrypted due to ransomware ended up paying the ransom. This was the highest rate of ransom payment reported across all 31 countries surveyed.

    According to the survey, 48 per cent of Indian companies paid less than 5,000 dollars as ransom in response to ransomware attacks. Meanwhile, 10 per cent paid 1 million dollars or more. In fact, three companies in the survey admitted to paying a ransom of 10 million dollars or more to hackers to get their data back.

    According to research from Unit 42 by Palo Alto Networks, ransomware payments hit new records in 2021. India saw a 218 per cent jump in ransomware attacks in 2021. The 2022 Unit 42 Ransomware Threat Report found that India ranks 10th globally with regard to the number of ransomware attacks. In fact, the country ranks second in the Japan and Asia-Pacific region.

    is well aware of the threat environment it is operating in. According to a survey by PwC, around 80 per cent of Indian organisations are likely to increase their cybersecurity budget in 2022.

    According to Gartner – a technological research and consulting firm based in the US– end-user spending on security and risk management in India is forecast to touch 2.6 billion dollars in 2022, which would amount to an increase of 9.4 per cent from 2021.

    Gartner’s research has found that there is a significant shortage of skilled cybersecurity professionals in the country. As a result, end-user organisations in India often go to security service providers to meet their cybersecurity objectives. Therefore, spending on security services is forecast to be 1 billion dollars in 2022, which is the highest among all segments. This will be followed by spending on network security equipment and infrastructure protection.

    is going to become an even more target-rich environment for malicious actors owing to the digital leap many firms took due to the pandemic. At the end of the day, a certain percentage of attacks will always slip through, which would still be a large number given the sheer volume of such attacks India faces. As such it's worth asking, should Indian companies continue their habit of caving in to ransomware attacks? Isn't that only going to embolden the malicious actors of the world?


    Subscribe to Business Standard Premium

    Exclusive Stories, Curated Newsletters, 26 years of Archives, E-paper, and more!

    Insightful news, sharp views, newsletters, e-paper, and more! Unlock incisive commentary only on Business Standard.

    Download the Business Standard App for latest Business News and Market News .

    First Published: Thu, May 26 2022. 07:00 IST
    RECOMMENDED FOR YOU
    RECOMMENDED FOR YOU