Ransomware: Significant Rise of Attacks on Indian Businesses

0

Kaspersky cybersecurity solutions for businesses in India detected a total of 156,917 ransomware incidents for the first half of 2024.

Organisations in the country continue to be targeted by cybercriminals, particularly ransomware groups. Kaspersky’s data revealed that between January to June, India registered a 24 percent rise in ransomware attacks, compared to the same period last year.

In 2024, the country witnessed major attacks in critical sectors such as healthcare, financial services, manufacturing and government agencies. Recent cases include country’s largest health insurer, major electricals and cable manufacturer, technology service provider to cooperatives and rural banks, a local construction firm, and a broking firm.

Kaspersky experts have predicted the growing prevalence of this threat in the country in 2024 and urged organisations to bolster their cybersecurity defence and strengthen overall security posture.

“We are witnessing significant rise in attacks which are results of rapid adoption of digital technologies that is not supported by robust cybersecurity measures. The inadequacy in security protocols and outdated software systems have further compounded the vulnerabilities,” says Jaydeep Singh, General Manager for India Region at Kaspersky.

In India, major attacks in the past two years have been perpetrated by a few ransomware groups including LockBit, Conti, Hive, BianLian, and BlackCat that involve extortion, data thefts, as well as service and operation disruptions.

“Organisations need to start taking more proactive stance to strengthen their cybersecurity posture by implementing stronger measures. This includes assessing their infrastructure to identify gaps, deploying proven solutions and technologies, and training their workforce,” he adds.

To protect yourself and your business from ransomware attacks, Kaspersky experts recommend the following:

1. Always keep software updated on all the devices to prevent attackers from exploiting vulnerabilities and infiltrating organisation’s network.

2. Promptly install available patches for commercial VPN solutions providing access for remote employees and acting as gateways in your network.

3. Back up data regularly and ensuring they can be accessed quickly when needed or in an emergency.

4. Avoid downloading and installing pirated software or software from unknown/unverified sources.

5. Assess and audit your supply chain and managed services access to your environment. Kaspersky offers compromise assessment services.

6. Do not expose remote desktop/management services (such as RDP, MSSQL, etc.) to public networks unless absolutely necessary and always use strong passwords, two-factor authentication and firewall rules for them.

7. Monitor access and activity by having visibility over the network to spot any unusual activity, and controlling user access to as-need, and as-required basis to minimise risks of unauthorised access and data leak.

8. Set up a security operation centre (SOC) using an SIEM (security information and event management) tool like Kaspersky Unified Monitoring and Analysis Platform, a unified console for monitoring and analysing information security incidents, and solutions such as Kaspersky Next XDR Expert, a robust cybersecurity solution that defends against sophisticated cyberthreats.

9. Use the latest Threat Intelligence information to have an in-depth visibility into cyberthreats targeting your organisation and provide your InfoSec professionals with the most comprehensive and up-to-date information regarding potential malicious actors and their TTPs.

10. Employ Kaspersky Professional Services to optimise the workload of your heavily challenged IT department. Kaspersky experts assess the state of your current IT security, then deploy and configure Kaspersky software quickly and properly to ensure hassle-free ongoing performance.

11. If your company does not have a dedicated IT security function and only has generalist IT admins who may lack the specialist skills required for expert-level detection and response solutions, consider subscribing to a managed service such as Kaspersky MDR. This would instantly boost your security capabilities by an order of magnitude, while allowing you to focus on building in-house expertise.

12. For protection of very small businesses, use solutions intended to help you manage your cybersecurity even without having an IT administrator on board. Kaspersky Small Office Security provides you with hands-off security due to ‘install and forget’ protection and saves the budget which is crucial, particularly in the early stages of business development.

13. Educate employees and improve their cybersecurity literacy through tools such as Kaspersky Automated Security Awareness Platform – Employees should be aware of the risks of cybersecurity threats and how to protect themselves and organisation from them.

14. Train and upskill your cybersecurity team/professionals with Kaspersky Expert training to advance their skills and defend organisation against attacks.

LEAVE A REPLY

Please enter your comment!
Please enter your name here