Healthcare organisations lose an estimated 20 per cent of their sensitive data in every ransomware attack, said a report on Thursday, adding that 69 per cent of the Indian information technology (IT) and security leaders, reported that software as a service (SaaS), had the most malicious cyber activity in 2023.
According to the study conducted by Rubrik Zero Labs, 98 per cent of the Indian IT and security leaders also experienced loss of sensitive information in 2023. Rubrik is a cloud security provider that secures data across enterprise, cloud, and SaaS applications through machine learning.
One of the main reasons for such data breaches was because cloud became more widely adopted. New security blind spots emerged, because, organisations are becoming more dependent on the cloud. In 2023, Rubrik observed that cloud architecture stored 13 per cent of an organisation’s data, compared to 9 per cent in 2022.
The report titled -- “The State of Data Security: Measuring Your Data’s Risk,” also said that 55 per cent of Indian IT companies reported that their companies paid a ransom due to data extortion threats and 53 per cent of them confirmed that malicious cyber actors were successful in harming the backup and recovery options.
“With the surge in digital service delivery and cloud adoption, the region faces escalating cyber threats, posing significant risks to sensitive data, especially in healthcare, where, vast amounts of information are handled. There’s a pressing need for deeper collaboration between the government, industry, and other stakeholders in fortifying cyber resilience in Asia, particularly in critical sectors like healthcare,” Abhilash Purushothaman, Vice President and General Manager, Asia at Rubrik, said.
According to a report also by Sophos (another cyber security provider), recently, 44 per cent of impacted computers on average were encrypted in attacks against Indian victims and 34 per cent of attacks included data theft in addition to encryption, slightly down from 38 per cent the previous year.
Excluding ransom payments, the average cost to recover from an attack was $1.35 million, it said adding that for the first time, Indian organisations were found to be more likely to recover data by paying the ransom (65 per cent) than using backups (52 per cent).
The average ransom demand was $4.8 million, with 62 per cent of demands exceeding $1 million. The median ransom paid was $2 million, it added.