1. 🇮🇳 More Indians Hit, But Are Paying Less
A recent State of Ransomware 2025 survey by Sophos reveals that 53% of Indian organisations struck by ransomware over the past year ended up paying the ransom—down from 65% in 2024.
- Median ransom demand dropped 52%: from US $2 million in 2023 to US $961,289 in 2024.
- Median actual payment plunged 79%, now at US $481,636.
2. 😱 The Hidden Costs Are Still Massive
Even when paying less, organisations continue to incur heavy expenses beyond the ransom:
- Average recovery cost (excluding ransom): around US $1.01 million per incident.
👉 The takeaway? It’s not just the ransom—downtime, IT resources, incident management, and third-party services fuel a massive recovery bill.
3. Why Attacks Keep Succeeding
Attackers are leveraging common weaknesses:
| Cause | Percentage of Attacks |
|---|---|
| Exploited vulnerabilities | 29% |
| Compromised credentials | 22% |
| Malicious emails | 21% |
This mix of technical gaps—unpatched devices, weak passwords, phishing—combined with operational shortcomings underscores where Indian firms are still falling short.
4. Internal Issues: The Root of the Problem
Around 40% of organisations attribute ransomware success to:
- Understaffed or overworked IT/cyber teams
- Poor-quality protection tools
- Lack of cybersecurity suites or services.
These constraints create openings for attackers—and lead to rash decisions like paying ransoms.
5. A Shift Toward Preparedness—and Negotiation
Sophos highlights a positive shift: fewer demands, better negotiation, and faster recovery. Global findings show that:
- 53% of organisations pay less than demanded
- 18% end up paying more
- 29% match the initial demand.
These figures reflect growing awareness and stronger negotiation tactics in ransomware response.
🚀 What This Means for Indian Businesses
- Invest in cyber hygiene
Patch vulnerabilities, enforce MFA, and train employees on phishing risks.
- Boost cybersecurity staffing & tools
Consider Managed Detection and Response (MDR) services to offset capacity gaps.
- Implement tested incident response plans
Regular backup drills and tabletop scenarios pay dividends. Most organisations who recover fully do so within a week.
- Develop negotiation frameworks
With more than 70% of lowered payments coming via negotiation, structured protocols—possibly including experienced negotiators—can significantly reduce costs.
🧭 Final Take
While the reduction in ransom payments and demands is a step forward, the findings reveal a bigger truth: paying less doesn’t equal being safe. Indian companies still grapple with expensive recovery efforts and residual vulnerabilities.
The path forward is clear: combine preventive cyber hygiene with preparedness and resilience. By proactively securing systems, building cyber muscle, and refining incident response—including negotiation—businesses can minimize both financial and operational fallout.
Ref: techvorm