India has now as one of the top targets for ransomware attacks in the Asia Pacific and Japan region, ranking second in terms of successful attacks, according to Zscaler ThreatLabz’s 2024 Ransomware Report. The report, which analyses ransomware trends from April 2023 to April 2024, found a global surge in ransomware attacks, highlighting its escalating threat to critical sectors.
What is a ransomware attack?
A ransomware attack is a type of malware attack. This prevents users from accessing their files, systems, or networks. In exchange for returning access to systems, cybercriminals demand a ransom payment.
The most common way for ransomware attacks to be carried out are generally through phishing, Remote Desktop Protocol (RDP) and credential abuse. However, cybercriminals and hackers can find many ways to exploit different software vulnerabilities.
Ransomware attacks up 18 per cent globally
Globally, ransomware attacks increased by 18 per cent year-on-year, with a record ransom payment of $75 million made to the Dark Angels ransomware group. This amount is nearly double the largest publicly known payout to date. Experts believe this record payment will encourage other cybercriminals to adopt similar tactics, only to exacerbate the threat for organisations around the world.
Asia Pacific alone makes 1.3 billion more AI-related transactions than any other region, such as Europe, West Asia, and Africa (EMEA). The rapid pace of digital transformation and infrastructure growth in India, particularly in artificial intelligence (AI) and machine learning (ML) technologies, has made the country a prime target for cybercriminals.
Successful ransomware attacks in India fall
Despite the growing sophistication of cyberattacks, the number of successful ransomware attacks in India remained relatively flat. The number of attacks decreased slightly from 62 incidents in 2023 to 60 in 2024. However, with AI-powered attacks on the rise, vulnerabilities in India’s digital defences are expanding, prompting calls for more robust cybersecurity measures.
More From This Section
Ransomware targets manufacturing sector
The Zscaler report revealed India’s manufacturing sector remains the most targeted, accounting for nearly 29 per cent of ransomware incidents. Other key industries under threat include healthcare (8.89 per cent), financial services (8.89 per cent), technology, and pharmaceuticals.
Top ransomware families in India
The report also identified top ransomware families operating in India, with LockBit accounting for 23.33 per cent of attacks, followed by BianLian (16.67 per cent), BlackCat (11.67 per cent), 8Base (10 per cent), and Mallox (5 per cent). LockBit remains a dominant player both in India and globally, with emerging groups like Dark Angels expected to pose future threats.
The report also highlighted the growing use of Ransomware-as-a-Service (RaaS), zero-day attacks on outdated systems, and AI-driven strategies as significant contributors to the rise in cybercrime. Deepen Desai, chief security officer at Zscaler, emphasised the importance of Zero Trust security frameworks in the fight against ransomware. He noted that organisations must prioritise these architectures to reduce vulnerabilities and prevent costly breaches.
“With AI-powered attacks becoming more prevalent, a Zero Trust platform, like Zscaler, plays a pivotal role in mitigating risks, reducing the impact of breaches, and closing potential attack vectors,” said Desai.