While the country is still reeling under the recent hacks by hacker group calling itself Legion, the group that claimed to have compromised databases belonging to banking institutions, government email servers and the databases of a leading hospital; if recent reports are to be believed there is more in store. India’s share in ransom ware attacks continues to rise and currently stands at 16.9 percent.

Several large companies today are under the purview of ransom ware attacks, and the impact is only getting advanced with time. The entire cybercriminal world has been taken over and it seems like there is no end to it. What’s alarming is the fact that while enterprises in India are spending more on cyber security each year, organizations are still not confident of their ability to sense, resist and respond to cyber threats. Our earlier reports stated had that over 180 Indian companies were victims of Ransom ware online extortion schemes in the first six months of the year 2016, causing a loss of whopping $3 billion.

To understand this in its entirety, we need to comprehend the modus operandi behind what really motivates cybercriminals, which is largely to instill ‘fear’, at a very primordial level to achieve their larger objective of creating disruption. They extort money from companies with the help of ransom ware using fear as an effective tactic. The fear to part with vital information or customer files along with the dreading fear of public exposure makes companies abide by the demands of the attackers. With the number of internet of things (IoT)-enabled devices increasing, ransom ware is all set to enter another revolution. Cyber criminals have already started attacking smartphones and the day is not far when wearable devices will also be on their list. In fact, Smart TVs are already under their radar.

As per a recent survey carried out by a leading consulting firm, outdated information security architecture and controls has most increased risk exposure for India over the last 12 months. What is interesting to take cognizance of, is that vulnerabilities related to mobile computing, social media and cloud computing feature prominently as contributing to enhanced risk exposure for corporate India. Among threats, the majority believe that cyber-attacks are primarily targeted at defacing/disrupting organizations or towards stealing intellectual property or data 51 percent, followed by fraud 48 percent.

Your business can fight any attack if you understand the vital facts, trends, and lesser known facts about ransom ware

Enterprises need to be coherent to the fact that attacks are getting more hybrid and many a times difficult to detect. Let’s understand what needs to be done to navigate through these choppy waters. The right information is the key to block ransom ware attacks. Your business can fight any attack if you understand the vital facts, trends, and lesser known facts about ransom ware. Some of these revelations are startling enough to warrant the CIO, CSIO, CTO of these organizations to take a closer look at their cyber security framework and ascertain if the necessary checks and balances are in place.

1. The number of ransom ware families found between January and May 2016 is 50 - Blackshades, Apocalypse, Jigsaw, CryptXXX are just some of the popular names you would have heard of in 2016. In a typical situation, when a company is attacked by a particular ransom ware, others begin analyzing security measures for the same ransom ware to stay protected. Cybercriminals of course are aware of this strategy and therefore, keep releasing new mechanisms with every next attack.

2. Most common source of ransom ware is SPAM - 76 percent - According to a research conducted by our company, ransom ware attacks originate from spam or spammed links sent to end users. Therefore, the first step to be taken by companies is – install stronger spam filters. Only 16 percent of the ransom ware attacks come from other sources like hacking, compromised software or malicious apps downloaded from the app store. The remaining 8 percent are said to enter from malware or hampered websites.

3. Ransom ware-as-a-service (RaaS) is also a concept - Yes, there are some Dark net services providers who offer Ransom ware-as-a-Service (RaaS). They let cybercriminals use their platform, set up a ransom price and bit coin address. RaaS providers in turn charge 10 percent for every victim who pays ransom.

4. Money lost to ransom ware in Q1 2016 – $209million.As per reports of the FBI, $209 million was paid as ransom in just the first three months of 2016. The number obviously kept increasing through the rest of the year, indicating how companies are largely affected by ransom ware.

5. India faces 7 ransom ware attacks per hour - India ranks third in Asia Pacific when it comes to ransom ware attacks. There were around 60,000 in a year, which estimates to 7 every hour. And majority of these were done by crypto-ransom ware.

2016 was indeed a watershed year for enterprises in India, with nearly 46 percent of organizations in India suffering unplanned system downtime, data loss due to external or internal security breaches. It’s no denying the fact that Ransom ware is here to stay, and there is no sure shot one-fix-all solution that would stem this growing malice.

What’s needed is a proactive and systematic approach towards having organizations ready and vigilant of impending threats that loom large over most of the enterprises, whether big or small, and having a robust cyber security framework/mechanism in place that would serve as a watchdog over the organization. For instance, our ‘Worry Free Services’ aims to proactively stop any ransom ware variants. Companies need to deploy end point solutions that come with behavior monitoring along with application control features.