Ransomware attacks in India double in June quarter: Seqrite

Ransomware attacks have increased two-fold in the April-June quarter to four lakh in India compared to the previous quarter, according to a study. 

While Maze continued to be the top threat for enterprises, the country was also victim to ransomware attacks from Ryuk, Mailto aka Netwalker, HorseDeal & Gigabyte, RagnarLocker, PonyFinal and Tycoon in the quarter, a report from enterprise security solution company Seqrite, run by Quick Heal Technologies, said.

Researchers at the company observed a visible shift in the behaviour of threat actors, with ransomware families using a two-pronged approach to target enterprises. 

In addition to Maze, multiple ransomware families are now capable of stealing sensitive data, the study showed, making modern attacks more dangerous, as stolen data could be leaked if the hackers are not paid ransom.

The government, as well as organisations in sectors such as BFSI, manufacturing and IT/ITES are likely to be the primary targets due to the sheer amount of sensitive data they store, it said.

The five-year-old security solutions provider, in the statement, claimed that its GoDeep.AI platform has mitigated these threats by leveraging a combination of signature-less and signature-based detections, which are backed by patented technologies to proactively detect and block known and unknown ransomware attacks. 

Ransomware attacks have always been a concern for enterprises, but what makes them more dangerous is their innovative and evolving nature, Sanjay Katkar, joint managing director and CTO of Quick Heal Technologies, said. 

“While previously, threat actors used to block sensitive data and ask for a ransom in return, now they have evolved and become much smarter. Apart from demanding ransom from the victim, these evolved threat actors steal the encrypted data and sell it in the open market to make dual income sources,” he said.

The report attributed the increase in ransomware attacks to the absence of robust cybersecurity measures in the wake of the remote working culture. 

Read: Work from home jobs witness a 3X jump post pandemic: Naukri

Researchers at Seqrite said that one could be safe by following cybersecurity best practices, such as applying regular security patches and updates, using encryption and multi factor authentication wherever possible, disabling RDP and SMB ports when not in use, avoiding phishing scams by not opening suspicious emails and using secure networks when working remotely.

Last month, Seqrite’s Pune-based parent company launched a suite of cybersecurity solutions for digital consumers. 

A study, published by technology giant IBM last month, pointed out that although enterprises have beefed up plans to detect and respond to cyberattacks over the past five years, their ability to contain an attack has declined by 13% during the same period.