Recent incidents involving ransomware attacks have drawn attention to the escalating threat posed by cyberattacks in India, particularly within the manufacturing sector. Reports by various cybersecurity entities have highlighted a surge in ransomware and malware attacks across the country. Despite this trend, only a limited number of organizations have implemented formal ransomware contingency plans, with some opting to fulfil ransom demands.
What is Ransomware
Ransomware is a type of malicious software designed to block access to a computer system or data until a sum of money, or ransom, is paid. This form of cyber attack encrypts files on the victim’s computer, making them inaccessible, and demands payment in exchange for a decryption key. Ransomware attacks can target individuals, businesses, or even government agencies, and the payments are typically requested in cryptocurrencies like Bitcoin to make tracking difficult.
Ransomware Attacks 2024
For instance, on March 17, an instance of LockBit ransomware targeted Polycab India, the nation’s largest wire and cable manufacturer. Although Polycab asserted that the incident did not disrupt core operations, it acknowledged the ongoing efforts of its technical and external cybersecurity teams to assess the situation. Similarly, Motilal Oswal (MOSL), a prominent brokerage firm serving millions of clients, encountered a ransomware attack attributed to the same group in mid-February. While MOSL swiftly responded to the incident, affirming that business operations remained unaffected, it promptly notified relevant law enforcement and regulatory authorities.
Furthermore, on March 22, Bira 91, an Indian craft beer brand, fell victim to a ransomware attack orchestrated by the BianLian group. Despite the absence of an official statement from the company, reports indicate potential data exposure encompassing sensitive information concerning finance, human resources, and proprietary recipes.
India faced the highest incidence of ransomware extortion in 2023. This vulnerability is attributed to factors such as limited visibility into operational technology (OT) systems and suboptimal implementation of cyber hygiene practices. Additionally, the dynamic nature of data storage across diverse platforms complicates cybersecurity efforts, potentially exposing organizations to exploitation by ransomware actors.
Ransomware Attacks 2024 – Who Did It?
There are two large ransomware gangs, identified as Himalaya and LockBit, started using their own sites to promote their encryption tools and recruit new affiliates. LockBit had just released a new version of its signature ransomware, and it tried to leverage improved software performance as a way to attract talent. Himalaya just went straight for the wallet, touting the generous payments they offer for associates on their site, just like any other company that is looking for help.
LockBit, a prominent ransomware group, has recently targeted various global organizations, exhibiting resilience despite efforts by law enforcement agencies to disrupt its operations. Notable among its targets are large corporations such as Taiwan’s TSMC, Foxconn, and Accenture. LockBit’s activities underscore the evolving threat landscape and the critical need for robust cybersecurity measures.
The absence of stringent disclosure laws exacerbates the cybersecurity landscape in India, leaving consumers vulnerable to data breaches without adequate notification or recourse. Although recent regulatory changes mandate incident reporting to the Indian Computer Emergency Response Team (CERT-In), challenges persist, particularly in non-regulated sectors such as manufacturing and healthcare.
Addressing cybersecurity concerns requires a paradigm shift in organizational priorities, with an emphasis on proactive investment rather than reactive responses. Startups often prioritize security measures only when prompted by investors or regulatory mandates. Therefore, a robust regulatory framework coupled with stringent enforcement mechanisms is essential to incentivize adherence to cybersecurity best practices and ensure accountability within the business ecosystem.
