Indian firms paid $ 481,636 on average for cyber attack demands, says Report (Source: Unsplash)
A recent study by UK-based cybersecurity company Sophos has revealed the serious financial impact of ransomware on Indian businesses. On average, Indian companies paid around 481,636 dollars (over Rs 4 crore) in ransom, while the total cost of recovery went up to 1.01 million dollars.
The report, titled State of Ransomware 2025, noted a sharp fall in ransom demands and payments. The median ransom demand dropped by 52%, going from USD 2 million to USD 961,289. Meanwhile, actual payments fell even more, down 79%. Despite this, nearly half of the Indian companies paid the full demand, while 12% paid even more than asked, showing how unpredictable these situations can be.
53% of Indian businesses paid the ransom to recover their data, according to the report, which was based on a poll of 3,400 IT and cybersecurity specialists from 17 different countries, including 378 Indian enterprises. This is a noticeable decrease from 65% last year, indicating a shift in how businesses respond to such attacks.
When it comes to how these attacks happen, the most common method was through exploited security weaknesses, which accounted for 29% of the attacks. Stolen login credentials were behind 22% of incidents, while malicious emails caused 21% of the cases.
From an internal operations point of view, 41% of businesses blamed a shortage of skilled staff or weak cybersecurity systems. Additionally, 39% admitted they lacked the right tools or services to prevent these attacks.
The report also highlighted that 31% of Indian companies experienced data theft during ransomware attacks—slightly down from 34% the previous year. Also, ransom demands over 1 million dollars were made to 49 per cent of firms, down from 62 per cent the year before.
Copyright © 2025 Top Indian News
