Hyderabad: CyberPeaceIndia, a non-profit organisation for Cybersecurity has released a report, titled-- Ransomware Trends 2024: Insights for Global Cybersecurity Readiness, claiming a 55 per cent rise in ransomware attacks in India with 98 recorded incidents in 2024. The months of May and October were reported to have the highest number of ransomware attacks.
For the research of this report, CyberPeaceIndia used advanced Open Source Intelligence (OSINT) techniques, observed 166 ongoing threat actor groups, and fetched data from 658 global servers and underground sources. The NGO found that ransomware groups had made 5,233 claims across 153 countries. The US was the most targeted country, followed by Canada, the United Kingdom, Germany, and more.
Notably, a threat group named Killsec appeared to be the most common threat group followed by LockBit3. Threat groups such as RansomHub, DarkVault, and Clop showed moderate Ransomware activities.
"Ransomware is evolving, posing significant risks to industries, governments, and individuals," Major Vineet Kumar, global president and founder of CyberPeace said. "Governments, organisations, and cybersecurity experts must collaborate, share intelligence, strengthen defences, and develop proactive strategies to tackle emerging threats. Collaboration is key to dismantling threat networks, reducing risks, and fostering a secure digital environment worldwide."
Top Impacted Sectors in India
In India, 75 per cent of the total Ransomware attacks were targeted towards the industrial sector. The healthcare sector was the second most attacked sector at 12 per cent, followed by the finance sector at 10 per cent. Meanwhile, the government sector experienced only 3 per cent of such incidents. This shows the urgent need for enhanced cybersecurity measures, especially in the industrial sector. Countermeasures against vulnerabilities in healthcare, finance, and government domains must also be done.
The month of May witnessed 14 Ransomware attacks and 24 attacks happened in October. These peaks were followed by significant declines, showing seasonal variations in incident occurrences.
Countermeasures For Ransomware
CyberPeace recommends having strong data backup and recovery plans, employee awareness programs must be conducted to minimise human error, and use of multi-factor authentication (MFA) to improve access security. Organisations must use advanced threat detection tools and regular vulnerability assessments should be done in order to identify and address vulnerabilities as soon as possible.
