Organisations in India continue to face an increase in ransomware attacks in 2024. Latest finding from Kaspersky shows that businesses here faced 665 ransomware attempts on a daily basis, on average.
Ransomware, as the name suggests, is malicious software designed to block access to a computer system or encrypt its data until a sum of money (a ransom) is paid. These attacks have been carried out on both individuals and corporations.
Overall, Kaspersky solutions used in businesses in India detected and blocked a total of 243,548 ransomware attacks between January to December last year.
“Ransomware groups targeting organisations in India know no sector. From small banks to the most critical state infrastructure, history shows us that India is facing a relentless surge in ransomware attacks aimed at businesses, banks, and public services. Institutions and companies are now under increasing pressure to implement far stronger defenes to protect their critical data,” comments Adrian Hia, Managing Director for Asia Pacific at Kaspersky.
The most common type of ransomware in India last year is Trojan-Ransom.Win32.Wanna.m. This type of Trojan modifies data on the victim’s computer so that the victim can no longer use the data, or it prevents the computer from running correctly.
Once the data has been “taken hostage” (blocked or encrypted), the user will receive a ransom demand. The ransom demand tells the victim to send the malicious user money; on receipt of this, the cybercriminal will send a program to the victim to restore the data or restore the computer’s performance.
“Ransomware groups persist in refining their tactics, exploiting known vulnerabilities and leveraging advanced tools like Meterpreter and Mimikatz to gain unauthorised access. By targeting internet-facing applications, manipulating local accounts, and evading endpoint defenses, they demonstrate a sophisticated mastery of network weaknesses. The ongoing threat emphasises the urgent need for robust cybersecurity defenses, as adversaries continue to innovate and exploit even the most familiar vulnerabilities,” adds Hia.