Ransomware attacks in India double in June quarter1 min read . Updated: 26 Aug 2020, 04:40 PM IST
- The researchers at Seqrite also observed a shift in the behaviour of ransomware operators, where they not only encrypt company systems and ask them for ransom but also steal sensitive information including IPs
NEW DELHI: Ransomware attacks in India increased 200% quarter-on-quarter in April-June with 4 lakh new cases detected during the period, according to cybersecurity firm Seqrite's quarterly threat report.
Maze ransomware was the top threat for enterprises, while activities of other ransomware families such as Ryuk, Netwalker, RagnarLocker, PonyFinal and Tycoon also reportedly increased in the period.
Seqrite attributes the increase in attacks to absence of robust cybersecurity infrastructure due to shift to remote working.
The researchers at Seqrite also observed a shift in the behaviour of ransomware operators, where they not only encrypt company systems and ask them for ransom but also steal sensitive information including IPs which they threaten to publish or sell online for additional income.
This tactic is no longer limited to Maze and several threat actors behind various other ransomware families are now doing it. Seqrite warns, BFSI, Manufacturing, IT/ITES and Government departments are high return targets for threat actors for the sensitive data they hold.
More than 100 enterprises including Cognizant and Xerox have been attacked by Maze ransomware operators since the covid-19 outbreak.
"Ransomware attacks have always been a concern for enterprises. But what makes them more dangerous is their innovative and evolving nature. While previously, threat actors used to block sensitive data and ask for a ransom in return, now they have evolved and become much smarter than ever," Sanjay Katkar, Joint Managing Director and CTO – Quick Heal Technologies said in a statement.
In terms of overall malware attacks, Seqrite detected 22 million Windows malware in June quarter. Out of these, 9.59 million attacks were in June alone, up from 7.51 million in May.
Seqrite attributes the increase in attacks in June to the opening up of operations in manufacturing, BFSI, education and healthcare sector.
In terms of industry-wise detection, manufacturing accounted for 23.86% of detection, followed by professional services with 23.54%.