SpiceJet flights came to a halt and hundreds of passengers were stranded at Indian airports last month. The company said that it had prevented a ransomware attack that had disrupted the airline’s systems and caused numerous flights to be delayed for many hours. While the event resulted in strained passenger tempers and complicated logistics, it has switched the focus to the threat of ransomware attacks, which garnered attention in 2017.

Also Read| Cyberattack leaks data of half-a-million Chicago school students, staff

Malwarebytes, a developer of anti-malware software, has reported 280 occurrences of cyberattacks by recognised kinds of ransomware in April 2022. 

According to a report by Verizon, ransomware attacks increased by 13% globally in 2021, including in India.

Also Read| Pro-Russia hackers’ attempts to disrupt Eurovision thwarted by Italian police

According to the “2022 Data Breach Investigations Report (DPIR),” last year saw more ransomware attacks than the prior four years combined. Verizon assessed 5,212 breaches and 23,896 cybersecurity events reported by 87 organisations for the purpose of the study.

Also Read| How Ukraine thwarted Russian hackers’ attack on power grid again

A ransomware attack, as the term implies, is an effort by hackers to keep a system hostage.

Until the victim — generally a big organisation — pays a ransom, the attacker will restrict their access to the system. This is accomplished via getting remote access to a system or duping the target into downloading or clicking on a link sent through email, which encrypts and locks the user’s data.

Also Read| Uvalde shooting: Felicha Martinez lost her son, won’t ever forget his smile

Highly advanced ransomware attacks, such as WannaCry, may spread across systems without the need for human involvement.

The report identifies four major methods a hacker may take to keep an organization hostage: duplicating credentials, phishing, exploiting vulnerabilities, and deploying botnets. In 2021, duplicating credentials was the most common way of conducting a ransomware attack, accounting for almost 40% of all attacks.

Also Read| Who was John Zderko, ‘Criminal Minds’ and ‘The Mentalist’ actor dead at 60?

The majority of ransomware perpetrators seek ransom through untraceable payment methods, such as cryptocurrency. The WannaCry attack, which lasted four days from May 12 to 15, 2017, compromised over 2 lakh systems in 150 countries, resulting in billions of dollars in commercial losses.

Also Read| Story of Angel Garza, whose daughter Amerie Jo died in Texas school shooting

According to cybersecurity firm Quick Heal Technologies, WannaCry targeted around 48,000 systems in the attack, with the majority of instances occurring in West Bengal.

In August 2018, a version of WannaCry affected 10,000 Computers at TSMC, prompting the business to shut down some of its chip-fabrication units temporarily.

Also Read| Meet Capt Abhilasha Barak, Indian Army’s first woman combat aviator

The North Korean government was suspected of launching the WannaCry attacks, with the US Department of Justice arresting a hacker called Park Jin-hyok in 2019.

According to the Verizon report, awareness should be sufficient in most circumstances to mitigate the danger – 40% of ransomware occurrences utilised desktop sharing software, and 35% involved email attachments/links.

Also Read| Who was Salvador Rolando Ramos, the 18-year-old Texas elementary school shooter?

“If attackers have credentialed remote access, they can leverage that directly. Otherwise, they must make their own remote access by emailing either malicious links or attachments,” the report states.

“Locking down your external-facing infrastructure, especially RDP (remote desktops) and emails, can go a long way toward protecting your organisation against ransomware,” the report adds.

Also Read| Ballots and bullets: What Texas elections looked like after Uvalde school shooting

Malwarebytes published guidance on the better strategies to alleviate ransomware attacks, including performing regular, offline, and password-protected backups of data, network segmentation so that systems on a single network are not accessible from every other machine, regularly updating antivirus, operating systems, and other software, multi-factor authentication while logging in and adding an email banner to emails received from outside the organisation.

Also Read| French Open 2022: Day 3 sees Nadal and Djokovic cruise past, Sakkari out

The greatest defence, according to Risk Recon, a Mastercard-owned third-party cyber risk management firm, is to raise awareness, whether at an individual or organisational level.

Because of the pandemic’s digitalization, India has become an increasingly prime area for malicious attackers. Somewhere at end of the day, certain attacks will always get through, which is still a significant amount considering the high volumes of such threats that India confronts.

Also Read| ‘Truly special’: Jose Mourinho on Roma’s Europa Conference League win

According to Gartner, technical research and consulting group based in the United States, end-user expenditure on security and risk management in India is expected to reach 2.6 billion dollars in 2022, representing a 9.4% increase over 2021.

Also Read| Timeline of how alleged Texas school shooter purchased his guns, ammunition

According to Gartner’s report, the country has a serious shortage of competent cybersecurity specialists. As a result, end-user organisations in India frequently turn to security service providers to achieve their cybersecurity goals. Therefore spending on security services is expected to reach $1 billion in 2022, the most among all categories. This will be followed by investments in network security and infrastructure protection.