New Delhi: India to witness 53 per cent rise in ransomware incidents in 2022 (year-on-year) and IT and ITeS were the majorly affected sectors followed by finance and manufacturing, said India’s national cyber agency CERT-In in its latest report Is.
According to the “India Ransomware Report 2022”, ransomware players targeted critical infrastructure organizations and disrupted critical services in 2022 to exert pressure and extract ransom payments. ,ALSO READ: 12,000 Indian Govt Websites Under Threat Of Hacking By Indonesian Hacker; Center issued alert,
CERT-In said, “Variant-wise, LockBit was the most commonly seen variant in the Indian context followed by Macop and DjVu/Stop ransomware. 2022 saw several new variants such as Vice Society, BlueSky, etc.” ,Also Read: NSC Vs SBI 5-Year Bank Fixed Deposit (FD): Tax Saving Investments Compared,
Last year, a massive ransomware attack disrupted systems at the All India Institute of Medical Sciences (AIIMS), crippling its centralized records and other hospital services.
As per the CERT-In report, Lockbit, Hive and ALPHV/Blackcat, Black Basta variants became the major threats at the large enterprise level, while Conti, which was very active in the year 2021, went extinct in the first half. Year 2022.
“The Makop and Phobos ransomware families primarily target medium and small organizations. At the individual level, the DjVu/Stop variant has dominated attacks over the past few years,” the report said.
Most ransomware groups are exploiting known vulnerabilities for which patches are available. Product-wise vulnerabilities are being exploited in tech companies such as Microsoft, Citrix, Fortinet, SonicWall, Sophos, and Zoho. and Palo Alto etc. said in the report.
“Ransomware gangs are commonly using Microsoft Sysinternals utilities such as PsExec for lateral movements,” it added. The average recovery time for a transition to a reasonably large infrastructure network is about 10 days.
“For small networks/infrastructure, the restoration time is around 3 days and for individual systems it is 1 day,” the CERT-In report said. Ransomware gangs are becoming innovative in their approach to improve the operational efficiency of the attack.
“Ransomware builders are focusing on speed and performance. Instead of encrypting the entire file, a portion of the file is being targeted for encryption to save time. Multithreading is being used for faster encryption and decryption of files.” being leveraged,” the report noted.