Shocking Vulnerability Exposed in Indian SMEs to Ransomware Attacks

Indian SMEs Are Still Easy Targets

In 2025, a new report by global cybersecurity firm Sophos revealed something alarming — small and medium-sized businesses (SMEs) in India are still very vulnerable to ransomware attacks. Despite some signs of progress, many of these companies are not well prepared to defend themselves against cybercriminals.

Ransomware is malicious software that blocks access to a company’s data or systems until a ransom is paid. Sophos studied 378 Indian companies that were hit by ransomware in the past year. The findings show that although awareness is growing, the vast majority of businesses still do not take strong action to protect themselves.

India has over 50 million SMEs. But only a small fraction of them are currently aware of cybersecurity threats and are taking steps to safeguard their data. Most others remain exposed. Sophos says that ransomware does not target only big companies — it goes after anyone it sees as a potential source of money. Since most SMEs don’t invest much in cybersecurity, they are much easier to attack.

Signs of Improvement but Big Gaps Remain

The report does show some positive changes. For instance, the average ransom demand in India has come down by 52% and now stands at around $961,289. The actual amount paid by companies has fallen even more, by 79%, to an average of $481,636. This means fewer companies are giving in to ransom demands.

This year, just 53% of Indian businesses paid the ransom to recover their data. That’s better than last year when 65% ended up paying. More companies are now using data backups and preparing in advance, which helps them recover without paying criminals.

However, many gaps still remain. The report points out that exploited system weaknesses were the biggest reason for ransomware attacks. These were responsible for 29% of the cases. Other common entry points included stolen passwords (22%) and bad email links (21%).

Apart from technical issues, businesses also struggled with internal weaknesses. Around 41% of the companies said they didn’t have enough skilled people or good protection tools. Another 39% admitted that their companies lacked the right cybersecurity services and systems to fight back.

These weaknesses make it easy for cybercriminals to break into company systems and hold them hostage.

The Real Cost and Emotional Pressure

Ransomware attacks don’t just cost companies money. They also cause stress, loss of time, and emotional pressure. Even if a company decides not to pay the ransom, the cost of fixing the damage is huge. On average, Indian companies spent $1.01 million to recover from a ransomware attack. This includes the cost of network repairs, lost business time, recovery of devices, and the effort of the employees involved.

Many employees, especially in cybersecurity teams, reported feeling burnt out and anxious. About 46% of them said they constantly worry about the possibility of another attack. Another 42% felt that their top bosses were putting more pressure on them. Around 30% of professionals said they felt guilty for not being able to prevent the attack from happening in the first place.

When looking at which industries were affected the most, the Banking, Financial Services, and Insurance (BFSI) sector stood out. This industry faced the highest number of ransomware incidents. However, experts warned that no industry is safe anymore. As hackers become smarter, every sector is at risk.

To fight back, companies are being urged to fix system flaws and improve staff knowledge. They should also set up strong antivirus systems, prepare clear emergency plans, and keep updated data backups in safe places.

Renuka Bangale
Renuka is a distinguished Chartered Accountant and a Certified Digital Threats Analyst from Riskpro, renowned for her expertise in cybersecurity. With a deep understanding of cybercrimes, malware, cyber warfare, and espionage, she has established herself as an authority in the field. Renuka combines her financial acumen with advanced knowledge of digital threats to provide unparalleled insights into the evolving landscape of information security. Her analytical prowess enables her to dissect complex cyber incidents, offering clarity on risks and mitigation strategies. As a key contributor to Newsinterpretation’s information security category, Renuka delivers authoritative articles that educate and inform readers about emerging threats and best practices.
