This is the most-targeted sector
Ransomware threats continued an upward trajectory in 2022 and the year saw ransomware gangs broaden their attacks with increased frequency and complexity, a report said. According to India’s nodal cybersecurity agency, Computer Emergency Response Team (CERT-In), the country saw a 53% year-over-year (YoY) increase in ransomware incidents in the year 2022.
According to CERT-In’s “India Ransomware Report 2022”, IT and ITeS was the most targeted sector, followed by finance and manufacturing. Education, healthcare, transport, and energy completed the list of majorly attacked sectors.
“Variant wise, Lockbit was a majorly seen variant in the Indian context followed by Makop and DJVU/Stop ransomware. Many new variants were observed in 2022 such as Vice society, BlueSky etc,” the report said.
Read Also
Most-used ransomware variants
CERT-In report said that variant wise, Lockbit was a majorly seen variant in the Indian context. “Lockbit was followed by Makop and DJVU/Stop ransomware. Many new variants were observed in 2022 such as Vice society, BlueSky etc. Leaked Ransomware source codes are getting forked to launch new Ransomware brands,” the report said.
When it comes to large enterprises, Lockbit, Hive and ALPHV/BlackCat, Black Basta variants became major threats.
Makop and Phobos Ransomware families mainly targeted medium and small organisations. At individual level, Djvu/Stop variants continued dominance in attacks over the past few years.
Read Also
Vulnerabilities exploited
The CERT-In report said that most of the ransomware groups exploited known vulnerabilities for which patches are available. Some of the product-wise vulnerabilities being exploited are in Microsoft Exchange, Citrix, Fortinet, SonicWall, Sophos, Zoho and Palo Alto.
Time spent to restore systems
According to the report, on an average, the restoration time is about 10 days for infections in reasonably large infrastructure networks. When it comes to smaller networks/infrastructure, the restoration time is around 3 days and for individual systems it is 1 day.
The report also said that ransomware builders are focusing on speed and performance. Instead of encrypting the entire file, a portion of the file is getting targeted for encryption to save time.
FacebookTwitterLinkedin
Ransomware threats continued an upward trajectory in 2022 and the year saw ransomware gangs broaden their attacks with increased frequency and complexity, a report said. According to India’s nodal cybersecurity agency, Computer Emergency Response Team (CERT-In), the country saw a 53% year-over-year (YoY) increase in ransomware incidents in the year 2022.
According to CERT-In’s “India Ransomware Report 2022”, IT and ITeS was the most targeted sector, followed by finance and manufacturing. Education, healthcare, transport, and energy completed the list of majorly attacked sectors.
“Variant wise, Lockbit was a majorly seen variant in the Indian context followed by Makop and DJVU/Stop ransomware. Many new variants were observed in 2022 such as Vice society, BlueSky etc,” the report said.
Read Also
Most-used ransomware variants
CERT-In report said that variant wise, Lockbit was a majorly seen variant in the Indian context. “Lockbit was followed by Makop and DJVU/Stop ransomware. Many new variants were observed in 2022 such as Vice society, BlueSky etc. Leaked Ransomware source codes are getting forked to launch new Ransomware brands,” the report said.
When it comes to large enterprises, Lockbit, Hive and ALPHV/BlackCat, Black Basta variants became major threats.
Makop and Phobos Ransomware families mainly targeted medium and small organisations. At individual level, Djvu/Stop variants continued dominance in attacks over the past few years.
Read Also
Vulnerabilities exploited
The CERT-In report said that most of the ransomware groups exploited known vulnerabilities for which patches are available. Some of the product-wise vulnerabilities being exploited are in Microsoft Exchange, Citrix, Fortinet, SonicWall, Sophos, Zoho and Palo Alto.
Time spent to restore systems
According to the report, on an average, the restoration time is about 10 days for infections in reasonably large infrastructure networks. When it comes to smaller networks/infrastructure, the restoration time is around 3 days and for individual systems it is 1 day.
The report also said that ransomware builders are focusing on speed and performance. Instead of encrypting the entire file, a portion of the file is getting targeted for encryption to save time.
FacebookTwitterLinkedin
Denial of responsibility! Techno Blender is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – [email protected]. The content will be deleted within 24 hours.