Shocking Vulnerability Exposed in Indian SMEs to Ransomware Attacks

Indian SMEs Are Still Easy Targets

In 2025, a new report by global cybersecurity firm Sophos revealed something alarming — small and medium-sized businesses (SMEs) in India are still very vulnerable to ransomware attacks. Despite some signs of progress, many of these companies are not well prepared to defend themselves against cybercriminals.

Until a ransom is paid, a malicious virus known as ransomware prevents access to a company’s data or systems.   Sophos studied 378 Indian companies that were hit by ransomware in the past year. The findings show that although awareness is growing, the vast majority of businesses still do not take strong action to protect themselves.

India has over 50 million SMEs. But only a small fraction of them are currently aware of cybersecurity threats and are taking steps to safeguard their data. Most others remain exposed. Sophos says that ransomware does not target only big companies — it goes after anyone it sees as a potential source of money. Since most SMEs don’t invest much in cybersecurity, they are much easier to attack.

Signs of Improvement but Big Gaps Remain

The report does show some positive changes. For instance, the average ransom demand in India has come down by 52%. It now stands at around $961,289. The actual amount paid by companies has fallen even more by 79% to an average of $481,636. This means fewer companies are giving in to ransom demands.

This year, just 53% of Indian businesses paid the ransom to recover their data. That’s better than last year when 65% ended up paying. More companies are now using data backups and preparing in advance, which helps them recover without paying criminals.

However, many gaps still remain. The report points out that exploited system weaknesses were the biggest reason for ransomware attacks. These were responsible for 29% of the cases. Other common entry points included stolen passwords (22%) and bad email links (21%).

Apart from technical issues, businesses also struggled with internal weaknesses. Around 41% of the companies said they didn’t have enough skilled people or good protection tools. Another 39% admitted that their companies lacked the right cybersecurity services and systems to fight back.

These weaknesses make it easy for cybercriminals to break into company systems and hold them hostage.

The Real Cost and Emotional Pressure

Ransomware attacks don’t just cost companies money. They also cause stress, loss of time, and emotional pressure. Even if a company decides not to pay the ransom, the cost of fixing the damage is huge. On average, Indian companies spent $1.01 million to recover from a ransomware attack. This includes the cost of network repairs, lost business time, recovery of devices, and the effort of the employees involved.

Many employees, especially in cybersecurity teams, reported feeling burnt out and anxious. About 46% of them said they constantly worry about the possibility of another attack. Another 42% felt that their top bosses were putting more pressure on them. Around 30% of professionals said they felt guilty for not being able to prevent the attack from happening in the first place.

🛑 Sanctions Slam Aeza! U.S. and UK Team Up to Shut Down Russia’s Ransomware Powerhouse

When looking at which industries were affected the most, the Banking, Financial Services, and Insurance (BFSI) sector stood out. This industry faced the highest number of ransomware incidents. However, experts warned that no industry is safe anymore. As hackers become smarter, every sector is at risk.

To fight back, companies are being urged to fix system flaws and improve staff knowledge. They should also set up strong antivirus systems, prepare clear emergency plans, and keep updated data backups in safe places.

Renuka Bangale
Renuka Bangale
Renuka is a distinguished Chartered Accountant and a Certified Digital Threats Analyst from Riskpro, renowned for her expertise in cybersecurity. With a deep understanding of cybercrimes, malware, cyber warfare, and espionage, she has established herself as an authority in the field. Renuka combines her financial acumen with advanced knowledge of digital threats to provide unparalleled insights into the evolving landscape of information security. Her analytical prowess enables her to dissect complex cyber incidents, offering clarity on risks and mitigation strategies. As a key contributor to Newsinterpretation’s information security category, Renuka delivers authoritative articles that educate and inform readers about emerging threats and best practices.

TOP 10 TRENDING ON NEWSINTERPRETATION

Leaked emails expose Epstein’s secret hand in Israel–Mongolia security pact with Barak

A new set of leaked emails shows Jeffrey Epstein...

Award stage turns battlefield as Harris brands Trump an unchecked, incompetent and unhinged President

Kamala Harris, the former vice president and 2024 Democratic...

Newsom office doubles down on fascist label for Miller citing his political actions and views

Newsom’s Office Takes a Bold Stance California Governor Gavin Newsom’s...

The privacy-first app that just blew past 350,000 new users a day

Explosive Growth Surprises Users Arattai, the messaging app developed by...

Federal firepower hits AOC’s Queens district as FBI targets Roosevelt Avenue crime empire

The FBI has moved into action in Queens, New...

Book bombshell: Harris says Newsom never called back after dismissive ‘Hiking’ message

Former Vice President Kamala Harris is making headlines again,...

South Korea reels from wave of cyberattacks — nearly 1 million personal records stolen in 2025

Cyberattacks on South Korea’s state agencies have reached alarming...

Kristi Noem Accused of Rushing Millions to Florida Pier Near Rumored Lover’s Home

Homeland Security Secretary Kristi Noem faces serious questions. A...

Ian Calderon moves to address cost of living crisis in bid to succeed Gavin Newsom as governor

A Millennial Candidate Steps Forward Former California State Assembly Majority...

Harrods Issues Urgent Warning After Customer Data Stolen in IT Breach

Personal details exposed in breach at third-party system Luxury department...

Newsom office doubles down on fascist label for Miller citing his political actions and views

Newsom’s Office Takes a Bold Stance California Governor Gavin Newsom’s...

The privacy-first app that just blew past 350,000 new users a day

Explosive Growth Surprises Users Arattai, the messaging app developed by...

Book bombshell: Harris says Newsom never called back after dismissive ‘Hiking’ message

Former Vice President Kamala Harris is making headlines again,...

South Korea reels from wave of cyberattacks — nearly 1 million personal records stolen in 2025

Cyberattacks on South Korea’s state agencies have reached alarming...

Kristi Noem Accused of Rushing Millions to Florida Pier Near Rumored Lover’s Home

Homeland Security Secretary Kristi Noem faces serious questions. A...

Related Articles

Popular Categories

error: Content is protected !!