Phone : +91 95 8290 7788 | Email :

Register & Request Quote | Submit Support Ticket

Home » Cyber Security News » 64% of Indian organizations hit by ransomware in the last year, ET CISO

64% of Indian organizations hit by ransomware in the last year, ET CISO

64% of Indian organizations hit by ransomware in the last year, ET CISO


    • 65% of Indian organizations paid the ransom, surpassing those using backups (52%).
    • Average ransom demand: $4.8 million; median ransom paid: $2 million.
    • 44% of attacked computers were encrypted.
    • Data theft occurred in 34% of attacks.
    • Recovery costs averaged $1.35 million, excluding ransom payments.
    • 61% recovered data within a week.
    • 96% reported attacks to authorities; 70% received investigative assistance.
  • Sophos has released its annual “State of Ransomware in India 2024” report. The findings show a decrease in the rate of ransomware attacks against Indian organizations from the 73% reported in last year’s study to 64% in this year’s. However, the impact on victims has intensified, with higher ransom demands and recovery costs compared to the previous year. The State of Ransomware in India 2024 report findings are derived from an independent survey of 5,000 IT decision makers across 14 countries, including 500 respondents in India. Conducted in January and February 2024, respondents were asked to answer based on their experiences in the previous 12 months. For the first time, Indian organizations were found to be more likely to recover data by paying the ransom (65%) than using backups (52%). The average ransom demand was $4.8 million, with 62% of demands exceeding $1 million. The median ransom paid was $2 million.

    Key findings

    • 44% of impacted computers on average were encrypted in attacks against Indian victims
    • 34% of attacks included data theft in addition to encryption, slightly down from 38% the previous year
    • Excluding ransom payments, the average cost to recover from an attack was $1.35 million
    • 61% of victims were able to recover data within a week, up from 59% in 2022
    • 96% reported the attack to authorities, with 70% receiving investigation assistance

    “Prevention remains the most cost-effective ransomware strategy. Having solid defense-in-depth cybersecurity with anti-ransomware capabilities, ensuring in-depth defense protection with 24/7 monitoring is critical. At the same time, it is equally important to develop response capabilities, and comprehensive backup and recovery measures,” said Sunil Sharma, Vice President, Sales, India and SAARC, Sophos. “Continually reviewing security posture and incident response plans will also greatly improve an organization’s resilience against these relentless attacks.”

    ·Less than one quarter (24%) of those that pay the ransom hand over the amount originally requested, and 44% of respondents reported paying less than the original demand

    ·The average ransom payment came in at 94% of the initial ransom demand

    ·In more than four-fifths (82%) of cases funding for the ransom came from multiple sources. Overall, 40% of total ransom funding came from the organizations themselves and 23% from insurance providers

    ·94% of organizations hit by ransomware in the past year said that the cybercriminals attempted to compromise their backups during the attack, rising to 99% in both state and local government. In 57% of instances, backup compromise attempts were successful

    ·In 32% of incidents where data was encrypted, data was also stolen – a slight lift from last year’s 30% – increasing attackers’ ability to extort money from their victims

    John Shier, field CTO, Sophos, said, “We must not let the slight dip in attack rates give us a sense of complacency. Ransomware attacks are still the most dominant threat today and are fueling the cybercrime economy. Without ransomware we would not see the same variety and volume of precursor threats and services that feed into these attacks. The skyrocketing costs of ransomware attacks belie the fact that this is an equal opportunity crime. The ransomware landscape offers something for every cybercriminal, regardless of skill. While some groups are focused on multi-million-dollar ransoms, there are others that settle for lower sums by making it up in volume.”

    Sophos recommends the following best practices to help organizations defend against ransomware and other cyberattacks:

    ·Understand your risk profile, with tools such as Sophos Managed Risk which can assess an organization’s external attack surface, prioritize the riskiest exposures and provide tailored remediation guidance

    ·Implement endpoint protection that is designed to stop a range of evergreen and constantly changing ransomware techniques, such as Sophos Intercept X

    ·Bolster your defenses with round-the-clock threat detection, investigation and response, either through an in-house team or with the support of a Managed Detection and Response (MDR) provider

    ·Build and maintain an incident response plan, as well as making regular back-ups and practicing recovering data from backups.

    • Published On May 14, 2024 at 02:23 PM IST

    Join the community of 2M+ industry professionals

    Subscribe to our newsletter to get latest insights & analysis.

    Download ETCISO App

    • Get Realtime updates
    • Save your favourite articles

    Scan to download App

    Information Security - InfoSec - Cyber Security - Firewall Providers Company in India













    What is Firewall? A Firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies. At its most basic, a firewall is essentially the barrier that sits between a private internal network and the public Internet.


    Secure your network at the gateway against threats such as intrusions, Viruses, Spyware, Worms, Trojans, Adware, Keyloggers, Malicious Mobile Code (MMC), and other dangerous applications for total protection in a convenient, affordable subscription-based service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services. Stateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols.


    Firewall Firm is an IT Monteur Firewall Company provides Managed Firewall Support, Firewall providers , Firewall Security Service Provider, Network Security Services, Firewall Solutions India , New Delhi - India's capital territory , Mumbai - Bombay , Kolkata - Calcutta , Chennai - Madras , Bangaluru - Bangalore , Bhubaneswar, Ahmedabad, Hyderabad, Pune, Surat, Jaipur, Firewall Service Providers in India

    Sales Number : +91 95 8290 7788 | Support Number : +91 94 8585 7788
    Sales Email : | Support Email :

    Register & Request Quote | Submit Support Ticket