Ransomware assaults in India have increased by 55%, according to a CyberPeace research.

India has seen a 55% increase in ransomware occurrences, with 98 documented assaults in 2024. The biggest number of such incidents were recorded between May and October. The most recent data were presented in the ‘Ransomware Trends 2024: Insights for Global Cybersecurity Readiness’ research published by CyberPeace, a non-profit cybersecurity organization. The research identifies disturbing trends and emphasizes the critical need to boost cybersecurity measures to combat the evolving threat.

CyberPeace conducted its investigation using innovative OSINT (Open Source Intelligence) methodologies, constant surveillance of 166 threat actor groups, and data collecting from 658 servers/underground resources and mirrors throughout the world. The data show that ransomware gangs used these underground resources to organize 5,233 claims in 153 different nations. The United States emerged as the most targeted country, followed by Canada, the United Kingdom, Germany, and others.

According to the research, killsec was the most prevalent threat, with lockbit3 coming in second. Other organizations, like ransomhub, darkvault, and clop, had modest activity levels. “Ransomware continues to evolve, posing significant risks to industries, governments, and individuals alike. Governments, organisations, and cybersecurity experts must come together to share intelligence, strengthen cross-border defences, and develop strategies that proactively address emerging threats. Collaboration is key to dismantling threat actor networks, mitigating risks, and fostering a secure digital ecosystem worldwide,” said Major Vineet Kumar, global president and founder of CyberPeace.

In India, the industrial sector was frequently targeted, accounting for 75% of all instances. The healthcare industry was the second most affected, accounting for 12% of the events. The financial sector contributed for 10% of the occurrences, indicating a moderate level of targeting. In contrast, the government sector had the least effect, accounting for only 3% of events, showing that it was targeted less than the other sectors. This distribution emphasizes the crucial need for stronger cybersecurity measures, notably in the industrial sector, while also addressing weaknesses in healthcare, banking, and government.

According to the research, the statistics show shifting event trends in India, with substantial increases in May (14 occurrences) and October (24 incidents), indicating possible periods of increased activity. After reaching these highs, the numbers drop significantly, indicating seasonal fluctuation in event occurrences.

To confront the rising ransomware threat, CyberPeace emphasizes the need of taking preemptive steps. These include developing strong data backup and recovery strategies to maintain company continuity, performing frequent staff awareness campaigns to decrease human error, and using multi-factor authentication (MFA) to improve access security. Advanced threat detection tools and frequent vulnerability assessments are also required to find and fix flaws early on. The paper emphasizes that the worldwide ransomware epidemic need ongoing innovation in cybersecurity technology, adaptive defense measures, and informed legislation.