70% of Indian firms hit by a ransomware attack in last 3 years: Report
New Delhi–About 70 per cent of organisations in India have been hit by a ransomware attack in the last three years while a whopping 81 per cent of organisations feel that they could be the target of ransomware attacks, a new report showed on Wednesday.
Nearly 66 per cent of organisations have seen their supply chain subsidiaries become victims of ransomware attacks in India.
Cybersecurity leader Trend Micro revealed in its report that organisations are increasingly at risk of ransomware compromise via their extensive supply chains.
In India, 66 per cent of organisations have a cyber insurance policy while 98 per cent regularly update security patches to externally exposed servers and VPN equipment.
Nearly 32 per cent of respondents feel motivated about tackling ransomware over the next 12 months in India, said the report.
Ransomware is now present in 25 per cent of data breaches, a 13 per cent year-on-year increase globally.
A vast majority of IT and business leaders globally (87 per cent) now view cyber compromise as a bigger threat than an economic downturn, with a fifth admitting that a serious attack in the past nearly sent their business into bankruptcy.
A year ago, a sophisticated attack on a provider of IT management software led to the compromise of scores of MSPs and thousands of downstream customers.
Yet, only 47 per cent of organisations globally share knowledge about ransomware attacks with their suppliers. Additionally, 25 per cent said they don’t share potentially useful threat information with partners.
“We found that 52 per cent of global organisations have had a supply chain organisation hit by ransomware, potentially putting their own systems at risk of compromise”, said Sharda Tickoo, Technical Director at Trend Micro, India and SAARC.
The supply chain can also be exploited by attackers to gain leverage over their targets. Among organisations that had experienced a ransomware attack in the past three years, 67 per cent said their attackers contacted customers and/or partners about the breach to force payment. (IANS)