The world of cybersecurity has been witnessing a drastic rise in ransomware attacks this year, with average ransom demands now reaching ₹12 crore ($1.5 million).
Ransomware operates by encrypting files on a victim’s system, making data inaccessible until a ransom is paid—usually in cryptocurrency like Bitcoin.
This year’s increase in ransomware activities is due to a strategy called “big game hunting,” where hackers target large organizations to extract bigger payments.
Why Ransomware Is Growing Rapidly
According to a recent survey by Zscaler, ransomware is now the most significant cyber threat to organizations. The strategy behind its rise is simple—fewer attacks, but bigger targets.
Organizations in critical sectors like healthcare, municipal services, and even energy have been targeted. One of the largest known ransomware payments was ₹600 crore ($75 million), paid by a Fortune 50 company to the Dark Angels, a ransomware group.
These cyberattacks have become particularly problematic because they do not just lock systems. If the ransom is unpaid, attackers often threaten to release or permanently delete sensitive data, putting businesses in a tough position.
For companies that rely on this data for their operations, the decision to pay or not to pay becomes a moral and operational dilemma.
Pay or Risk Data Loss?
Companies affected by ransomware face a serious challenge. Paying the ransom may seem like the easiest way to recover crucial information, but it also contributes to the growing issue of cybercrime.
Additionally, paying the ransom doesn’t guarantee data recovery, and businesses may find themselves attacked again in the future.
On the other hand, refusing to pay can lead to permanent data loss or exposure, damaging the company’s reputation and operations.
Even though organizations are discouraged from paying, many often do, with the help of third-party negotiators or cyber insurance firms.
However, this has led to an exponential rise in ransom demands. Just last year, the average ransom demand was less than ₹1.6 crore ($200,000), but by mid-2024, it had skyrocketed to ₹12 crore ($1.5 million).
How Companies Can Protect Themselves
Ransomware attacks are not entirely avoidable, but companies can minimize their risk by adopting a few critical cybersecurity measures. Here are some effective strategies:
- Install Antivirus and Firewalls: Every device in the organization should be protected with robust antivirus software and firewalls to prevent malware from infecting systems.
- Regular Software Updates: Outdated software can leave companies vulnerable. Regular updates and patches help close potential security loopholes.
- Employee Training: Many ransomware attacks start with phishing emails. Training employees to recognize these attacks can significantly reduce the chances of unauthorized access.
- Data Backups: Regular backups ensure that even if a company’s systems are compromised, they can restore data without paying the ransom.
- Encryption: Sensitive information should be encrypted, making it more difficult for attackers to access or misuse stolen data.
- Report Attacks: In the event of an attack, organizations should cooperate with law enforcement and cybersecurity professionals. This not only helps catch the perpetrators but also provides expert guidance on damage control and future prevention.
The Future of Cybersecurity
Ransomware will continue to be a significant issue for businesses worldwide. Cybersecurity experts recommend investing in the right tools and training to ensure systems are secure.
“Organizations should be prepared for ransomware and have clear protocols in place to respond swiftly,” says Vakaris Noreika, head of product for NordStellar. “Paying a ransom is a moral dilemma, but with proper security and data recovery plans, companies can avoid falling victim to these attacks.”