A report by the Indian Computer Emergency Response Team (CERT-In) said that it has observed a 51 percent increase in ransomware incidents in the country in the first half of the business year (H1) in 2022.
CERT-In attributed the rise in attacks in India to Djvu, a ‘high-risk’ virus that majorly targets citizens. The agency also named Phobos, a ransomware which strikes smaller companies and individuals that have less capacity to pay relative to larger businesses, to have played a role in the increase.
It also attributed the increase to Hive, a year-old ransomware which has grown into one of the most prevalent ransomware payloads in the ransomware-as-a-service (RaaS) ecosystem. RaaS is a subscription-based model that enables affiliates to use already-developed ransomware tools to execute ransomware attacks.
The information technology sector was the most affected when it comes to these attacks, followed by manufacturing and finance. The agency noted that ransomware gangs were focusing on penetrating known unpatched vulnerabilities of public facing applications for gaining entry into the network.
CERT-In said, “Ransomware-As-A-Service (RAAS) ecosystem is evolving with sophisticated double and triple extortion tactics and a wide range of ransomware campaigns through affiliates. This is leading to higher probability of monetization and further rise in attack campaigns. Post covid accelerated digitalisation and hybrid work culture are also aiding this threat emergence.”
In terms of mitigation, the agency recommended victims to immediately disconnect and isolate infected systems from the network. IT also recommended to turn off any wireless internet connectivity and isolate all system backups.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
