Around 75% of Indian firms have been hit by ransomware attack in the last three years, since 2019, according to a new survey, which added said that eight out of 10 organisations in India believe that they could be a target for ransomware attack.
Japanese cyber security firm Trend Micro that commissioned Sapio Research in May and June 2022 to poll 2,958 IT decision makers across 26 countries (and 100 IT decision makers in India) said organisations globally are increasingly at risk of ransomware compromise through their extensive supply chains.
The research revealed that 79% of global IT leaders believe their partners and customers are making their own organization a more attractive ransomware target. The challenge is particularly acute considering that potentially less well-secured SMBs make up a “significant” portion of the supply chain for over half (52%) of these organisations.
Despite the phenomenal rise in ransomware on businesses and industries, the research found only 47% of organisations share knowledge about ransomware attacks with their suppliers. Additionally, 25% said they don’t share potentially useful threat information with partners. “This could be because organisations don’t have information to share in the first place,” said researchers.
“We found that 52% of global organisations have had a supply chain organiSation hit by ransomware, potentially putting their own systems at risk of compromise,” said Sharda Tickoo, Technical Director at Trend Micro, India and SAARC. “But many aren’t taking steps to improve partner cybersecurity. The first step towards mitigating these risks must be enhanced visibility into and control over the expanding digital attack surface.”
The supply chain can also be exploited by attackers to gain leverage over their targets. Among organizations that had experienced a ransomware attack in the past three years, 67% said their attackers contacted customers and/or partners about the breach to force payment.
Indian firms are facing an onslaught of ransomware attacks amid growing digital transformation brought on by the pandemic. According to a report a March 2022 report by American cybersecurity firm Palo Alto Networks, ransomware attacks on organisations in India increased by 218% year-on-year (YoY) in 2021.
More recently, Switzerland-based cyber security firm Acronis also said, ransomware is worsening with organised groups, like Conti and Lapsus$, inflicting serious damage to government and businesses across the globe.