With 67 per cent Indian businesses hit by ransomware — 38 per cent twice — they are at a high risk of repeated ransomware attacks and are vulnerable to exploits, a new report warned.

 

 While $13.74 million were spent by three per cent of the organisations worldwide to rectify the impact of ransomware, India's share remained the highest at $1.17 million, said global cybersecurity leader Sophos. 

 

"We're aware of cybercriminals unleashing four different ransomware families in half-hour increments to ensure at least one evades security and completes the attack," said Sunil Sharma, Managing Director Sales at Sophos India & Saarc. 

 

"Persistent cybercriminals are deploying multiple attack methods to succeed, whether using a mix of ransomware in a single campaign, taking advantage of a remote access opportunity, infecting a server or disabling security software," he added. 

 

The survey polled more than 2,700 IT decision-makers across mid-sized businesses in 10 countries worldwide, including India, the US, Canada, Mexico, France, Germany, UK, Australia, Japan and South Africa. 

 

It said that 91 per cent Indian organisations claimed running up-to-date endpoint protection when impacted by ransomware. 

 

"Nearly 54 per cent devices are infected per organisation which is higher than the global average infections at 46.09 per cent. Healthcare sector was impacted the highest by ransomware, at 76 per cent," the findings showed. 

 

More than 70 percent surveyed do not have anti-exploit technology, which means these businesses are easy prey for data breaches and complex threats like WannaCrypt. 

 

Over 70 percent of IT professionals surveyed were unable to identify the correct definition of anti-exploit technology, despite how critical it is for modern attack prevention 

 

Nearly 89 per cent India respondents stated that malware threats have got more complex over the last year while 99 per cent businesses were optimistic about deploying Machine Learning (ML) technology. 

 

"Since traditional endpoint technologies are often unable to keep up with advanced exploit attacks used to compromise a system, Sophos has added predictive, deep learning capabilities to the newest version of its next-generation endpoint protection product, Sophos Intercept X," Sharma said. 

 

The findings showed that despite the intensity and magnitude of attacks, Indian businesses are still not prepared to defend against determined attackers.