By Saurabh Shukla
New Delhi: New research from Rubrik Zero Labs (RZL) finds that Indian organisations are facing a wave of cyberattacks. In the past year, 80 per cent of Indian organisations that experienced a ransomware attack paid a ransom to recover their data or to stop the ransomware attack. Significantly, 52 per cent of Indian organisations paid a ransom due to data extortion threats, while 44 per cent of Indian organisations reported that cyber attackers successfully affected their backup and recovery options. Cyber experts believe that there is no need to give money to these attackers and also advise that people should focus on disaster recovery and backup systems for their data.
RZL research also notes that 65 per cent of organisations in India store their sensitive data across multiple environments, such as on-premises, cloud, or using SaaS, out of which 38 per cent acknowledge the challenges of securing data across multiple environments.
As many as 44 per cent of Indian organisations reported that cyber attackers successfully affected their backup and recovery options. The consequences of these attacks were that 29 per cent of respondents reported financial losses, 31 per cent noted reputational damage and loss of customer confidence, and 36 per cent experienced a forced leadership change following a cyber incident.
The report, “The State of Data Security in 2025: A Distributed Crisis”, is based on insights from over 1,600 IT and security leaders across 10 countries from the US, UK, France, Germany, Italy, Netherlands, Japan, Australia, Singapore and India. From India, 125 IT respondents participated in the survey conducted by Wakefield Research.
Talking about the report, Ashish Gupta, Managing Director, India, & Head of Engineering, Rubrik, said, "The latest RZL report serves as a wake-up call for Indian IT leaders. This highlights the urgent need for data resilience and security in today’s complex hybrid environments, where data is increasingly spread across on-premises infrastructure, public clouds, and SaaS platforms. This distributed model significantly expands the attack surface, making sensitive data more vulnerable to sophisticated and fast-evolving ransomware threats, Gupta added.
He further said that modern cyber threats are no longer limited to malware; they’re increasingly driven by social engineering and identity-based attack strategies. With identity now at the centre of nearly 80 per cent of breaches reported by organisations, this signals that attackers are shifting focus to strategies that include: compromising credentials, hands-on-keyboard intrusions, and moving laterally across hybrid environments. In this landscape, organisations need architectural solutions that not only deliver unified visibility and rapid recovery but also place identity at the core of their cyber resilience strategy.
Cyber Expert Pawan Duggal told ETV Bharat that these days, ransomware is the biggest cybersecurity challenge in the country. Last year, one Indian company was caught by these fraudsters every 11 seconds, he said. "Going forward, this frequency is likely to come down to 9 seconds," he added.
He also said that when clients approach them after being attacked, they advise them not to pay any ransom in any way. This is because a new trend of data wipers has emerged, where attackers don't return the data even after receiving payment. In such cases, there is no benefit in paying the ransom.
What happens if you give money
- It shows that you are scared
- No guarantee that data will be available
- You have money and can be attacked again
What is ransomware
According to the Indian Computer Emergency Response Team (CERT-In), ransomware is a category of malware that gains access to systems and makes them unusable to their legitimate users, either by encrypting different files on targeted systems or locking the system's screen unless a ransom is paid.
How to deal with it?
According to Pawan Duggal, companies should now strongly focus on disaster recovery and backup systems. These backups should be stored in locations that are out of reach of attackers. Instead of relying on makeshift solutions (jugaad), people should prioritise cyber resilience. He also emphasised that the government should implement strong laws in this regard, as the current IT Act and the Indian Judicial Code do not adequately address these issues.
