67pc Indian businesses hit by ransomware in 2017, highlights survey

Global network and security firm Sophos’ survey ‘The State of Endpoint Security Today’ sheds light on the extent to which Indian businesses are at a risk of repeated ransomware attacks and are vulnerable to exploits. 

Ransomware continues to be a major issue across the globe, with 54 percent of organisations surveyed hit in the last year, and a further 31 percent expecting to be victims of an attack in the future. Global network and security firm Sophos’ conducted a survey ‘The State of Endpoint Security Today’. On average, respondents impacted by ransomware were struck twice.

The survey was conducted among 2,700+ IT decision-makers across mid-sized businesses in 10 countries worldwide, including the US, Canada, Mexico, France, Germany, the UK, Australia, Japan, South Africa and India. Of these, 300 respondents were from India, based in Delhi, Mumbai, Hyderabad, Bengaluru, Kolkata and Chennai. These employees were from varied sectors such as financial services, IT, technology and telecom, business and professional services, manufacturing and production, among others. All respondents were from organisations of between 100 and 5,000 users.

The survey brought to fore that 91 percent Indian organisations claim to be running up-to-date endpoint protection when impacted by ransomware. According to those impacted by ransomware last year, the median total cost of a ransomware attack was $133,000. Indian organisations median total cost stood at $1.17 million, the highest, in rectifying the impacts of ransomware.

The report reveals that healthcare is the most impacted sector by ransomware at 76 percent. More than 70 percent of IT professionals surveyed were unable to identify the correct definition of anti-exploit technology, despite how critical it is for modern attack prevention that means these businesses are easy prey for data breaches and complex threats like WannaCry.

In terms of complexity of the threats, the survey highlighted that 89 percent India respondents stated that malware threats have got more complex over the last year while 99 percent businesses are optimistic about deploying machine learning technology.

According to Sophos, this relentless attack methodology combined with the growth in Ransomware-as-a-Service, the anticipation of more complex threats, and the resurgence of worms like WannaCry and NotPetya puts businesses in serious need of a security makeover. In fact, more than 90 percent of Indian IT decision-makers surveyed who said they were impacted by ransomware were running up-to-date endpoint protection, confirming that traditional endpoint security is no longer enough to protect against today’s ransomware attacks.

The survey concludes that despite the intensity and magnitude of attacks, Indian businesses are still not prepared to defend itself against determined attackers.