It has been quite a while since cyber-attacks have been duping businesses and organizations. And often, companies are dubious about their response and how to take them down. A new entrant, known as Ransomware, has to be watched out for. A US-based network and cybersecurity leader Sophos has released a report titled “The State Of endpoint Security Today” which deduced that Indian SMEs were the most targeted by Ransomware attacks.
Ransomware is a type of Malware from Cryptovirology that is designed to lock user’s data and restricts access to the computer system unless a ransom is paid to unlock it. The ransom is demanded via bitcoin. A company’s data happens to be one of its most important assets, this breach makes it highly dangerous for them and surely profitable for hackers.
The extensive research from Sophos involved an independent study of 2,700 mid-sized organizations across 5 continents. The key areas of concern were – security breaches, technology usage, attitude to threats and future investment plans. The survey covered 300 businesses in India across Delhi, Bangalore, Kolkata, Hyderabad, Mumbai and Chennai.
As per the report, a full two-thirds (67%) of mid-sized Indian organizations were victims of Ransomware in the last 12 months. The median cost for Indian SMEs stood highest at $1.17 million to rectify the damages. While $13.74 was spent by merely 3% of all the organizations worldwide to bounce back from the ransomware attacks. Interestingly, 91% Indian SMEs claimed to use the latest updated version of endpoint protection when they were hit by this malicious software.
Some other interesting findings of the report include –
- Of all the sectors, Healthcare sector was worst hit by the ransomware attacks at 76%. On the other hand, Financial services were least hit at 45%.
- 98% of respondents, from all geographies surveyed, agreed that having an anti-exploit technology on the endpoint is very important, but over 50% of organizations don’t have the anti-exploit technology, making them vulnerable to attacks.
- However, small organizations have the better level of understanding of anti-exploit technology than the larger ones. 28% of respondents from India had correctly identified the definition of anti-exploit software.
- With the advent of Machine and Deep Learning and AI, companies are actively employing predictive threat prevention technologies that allow them to stay ahead of these malware threats.
- India is also found to be the most optimistic country about the potential of machine learning technology. Over one-third (34%) of respondents from India are already using the predictive threat technologies such as deep and machine learning. While 63% are planning to implement it within next 12 months.
- A majority of Indians (89%) stated that stopping malware threats has become harder over the last year, but 99% of businesses believe that machine and deep learning will live up to the hype in detection and prevention of such cyber attacks.
( Anti-exploit software is the kind that prevents exploits that target applications and browser.)
“Since traditional endpoint technologies are often unable to keep up with advanced exploit attacks used to compromise a system, Sophos has added predictive, deep learning capabilities to the newest version of its next-generation endpoint protection product, Sophos Intercept X”. The Managing Director Sales at Sophos India and SAARC, Sunil Sharma, said.
Sophos Intercept X is the worlds most advanced next-gen endpoint protection. It uses deep learning and machine learning among other technologies for ransomware prevention and has anti-exploit capabilities to counter almost any complex malware.
In future, machine learning and deep learning should be deployed for endpoint security in India too. It is mainly because a lot of people are unaware of the incoming threats and then become docile by its impacts. We surely wouldn’t want to re-witness complex threats like WannaCry which infected more than 300,000 computers, worldwide. Machine Learning and Deep Learning can help businesses foresee both known and unseen threats.
The findings also showed that despite the growing intensity and magnitude of these attacks, Indian SMEs are still not prepared to counter and defend themselves. The major reason behind this being ignorance and negligence of Indian professionals. It would be interesting to see what steps would be taken by organisations after this alarming revelation.