A new cybersecurity survey has revealed that more than half of Indian enterprises—around 56%—experienced ransomware attacks in the past year, underscoring the country’s growing vulnerability to sophisticated cyber threats. The report, compiled by a leading cybersecurity firm, indicates that both large corporations and mid-sized businesses have been prime targets for hackers seeking financial gain through data encryption and extortion.

Sectors most affected by ransomware
According to the findings, the IT, financial services, manufacturing, and healthcare sectors were the most affected, given their reliance on large data sets and digital infrastructure. Attackers have increasingly exploited vulnerabilities in outdated systems and third-party software integrations, often using phishing and malicious email campaigns as the primary entry points.

Rise in ransom demands and operational downtime
The report highlights that ransom demands in India have surged by nearly 40% year-over-year, with the average ransom exceeding USD 1 million for large enterprises. Moreover, nearly 70% of affected companies reported significant operational downtime, leading to both financial losses and reputational damage. Many victims also admitted paying the ransom despite no guarantee of full data recovery.

AI-powered attacks complicating cybersecurity defense
Experts warn that AI-driven ransomware attacks are becoming increasingly common, allowing hackers to automate system infiltration, evade detection, and customize ransom notes. This evolution in attack sophistication has made traditional defense mechanisms less effective, forcing organizations to adopt zero-trust frameworks and AI-based threat detection systems to mitigate risks.

Need for stronger cyber resilience and data protection policies
The survey urges Indian enterprises to prioritize cybersecurity training, implement regular data backups, and invest in endpoint protection to strengthen defenses. It also calls for closer collaboration between government agencies, CERT-In, and the private sector to improve threat intelligence sharing and develop a national ransomware response strategy.