India has increasingly become one of the top targets for ransomware attacks in the Asia Pacific and Japan region, now ranking second in terms of successful attacks. This alarming trend is highlighted in the recent 2024 Ransomware Report by Zscaler ThreatLabz, which analyzes ransomware incidents from April 2023 to April 2024. The report reveals a global surge in ransomware attacks, emphasizing the escalating threat to critical sectors worldwide.

Ransomware attacks, a type of malware assault, prevent users from accessing their files, systems, or networks. Cybercriminals demand ransom payments in exchange for restoring access to these systems. Common methods employed in ransomware attacks include phishing, exploiting Remote Desktop Protocol (RDP), and credential abuse. However, hackers are continually finding new ways to exploit software vulnerabilities, making it a persistent and evolving threat.

Globally, ransomware attacks have surged by 18% year-on-year, with the report citing a staggering ransom payment of $75 million made to the Dark Angels ransomware group. This amount nearly doubles the largest publicly known payout to date, raising concerns that such record payments will embolden other cybercriminals to adopt similar tactics, further exacerbating the global threat landscape.

The Asia Pacific region, particularly India, is witnessing a rapid pace of digital transformation, with 1.3 billion more AI-related transactions than any other region, including Europe, West Asia, and Africa (EMEA). This growth, particularly in artificial intelligence (AI) and machine learning (ML) technologies, has positioned India as a prime target for cybercriminals. Despite the sophistication of these attacks, the number of successful ransomware incidents in India has remained relatively flat, with a slight decrease from 62 incidents in 2023 to 60 in 2024.

Nevertheless, the rise of AI-powered attacks is expanding vulnerabilities within India’s digital defenses, prompting urgent calls for enhanced cybersecurity measures.

According to the Zscaler report, India’s manufacturing sector remains the most targeted, accounting for nearly 29% of ransomware incidents. Other key industries under threat include healthcare and financial services, each representing 8.89% of incidents, alongside technology and pharmaceuticals.

The report also highlighted the growing use of Ransomware-as-a-Service (RaaS), zero-day attacks on outdated systems, and AI-driven strategies as significant contributors to the rise in cybercrime. Deepen Desai, Chief Security Officer at Zscaler emphasised the importance of Zero Trust security frameworks in the fight against ransomware. He noted that organisations must prioritise these architectures to reduce vulnerabilities and prevent costly breaches.

“With AI-powered attacks becoming more prevalent, a Zero Trust platform, like Zscaler, plays a pivotal role in mitigating risks, reducing the impact of breaches, and closing potential attack vectors,” said Desai.

The report also identifies the top ransomware families operating in India, with LockBit leading the charge, responsible for 23.33% of attacks. Following LockBit are BianLian (16.67%), BlackCat (11.67%), 8Base (10%), and Mallox (5%). LockBit continues to dominate both in India and globally, with emerging groups like Dark Angels expected to pose future threats.