Ransomware attacks hit 91% of Indian organisations in 2022: Report

At least 91% of Indian organisations were targeted by ransomware attacks in 2022, said the information security company CyberArk in its latest report.

The report also revealed that over half of the affected organisations, 55%, admitted to paying the ransom twice or more in order to recover their data. This suggests that they may have been targeted by double extortion campaigns.   

According to a report by CyberArk, Indian organisations faced an increasing cyber debt in 2022. This is due to the fact that investment in broader digital business initiatives has outpaced security spending during the pandemic period.   

Experts warn that in 2023, there is an increasing possibility of compounding cyber debt. This is due to a combination of factors, including an economic squeeze, high levels of staff turnover, a decline in consumer spending, and an unpredictable global environment. According to the report, ongoing investment in digital and cloud initiatives by business leaders to achieve greater efficiencies and innovation has had an impact on cybersecurity.  

Moreover, the report revealed that all (100%) organisations in India are anticipating identity-related breaches this year. These breaches are expected to arise due to a variety of factors such as economic cutbacks, geopolitical issues, cloud adoption, and hybrid work arrangements. The survey by CyberArk found that a significant majority of respondents (84%) believe that the integration of artificial intelligence (AI) into their organisation's operations will occur as part of a broader digital transformation effort, such as the adoption of cloud technology or the migration of legacy applications.    

Nearly 61% of security professionals anticipate that their organisation will be impacted by AI-enabled threats in 2023. The primary concern among respondents was the potential for AI-powered malware to cause harm.   

Furthermore, 80% of organisations anticipate facing cyber issues caused by employee churn in 2023. This trend is expected to fuel a new wave of insider threat concerns, stemming from disgruntled ex-staffers or exploitable leftover credentials. Around 92% of Indian organisations have identified code/malware injection into their software supply chain as a major security threat.  

Rohan Vaidya, regional director, India & SAARC, CyberArk, said, “The identity-centric attack surface is a priority to secure. To be best positioned to weather the current storm, organisations must adopt a risk-based strategy to secure critical assets, and initiate programs to consolidate operations on a smaller set of trusted partners and solutions to build resilience.”    

The report also shares that 75% of identities within Indian organisations possess sensitive access that is crucial for their job functions. This makes them a prime target for malicious attacks, and 75% of individuals believe that the security measures in place for the highest-sensitivity employee access are insufficient.   

In comparison to global statistics, India has a higher percentage of machines with sensitive access than humans, with figures of 42% and 38%, respectively.   

The survey has also identified credential access as the top risk, with 45% citing it as the primary concern. This is followed by defense evasion (34%), execution (34%), initial access (31%), and privilege escalation (26%).  

Matt Cohen, chief executive officer, CyberArk said, “Business transformation, driven by digital and cloud initiatives, continues to result in a surge in new enterprise identities. While attackers are constantly innovating, compromising identities remains the most effective way to circumvent cyber defenses and access sensitive data and assets. Such profound risk puts the issue of 'who and what to trust' at the forefront of efforts to prevent cyber debt from compounding, and to build long-term cyber resilience.”