Why Ransomware Continues to Threaten Indian SMEs Despite Awareness Campaigns
Introduction
Rapid growth in India’s Digital Economy has opened up various options for companies to utilise digital technology as part of their operations. Examples of these technologies include cloud computing; online payment systems; digitally enabled supply chains; and platforms that facilitate remote working. As small and medium enterprises(SMEs) represent a major part of India’s economy, they have quickly been able to capitalise on the benefits these technologies provide in improving their operational efficiency and developing an increased presence within the market. However, this rapid pace of digitalisation creates an exposure to a much greater breadth of cyber-security threats than ever for SMEs. Today, perhaps the greatest cyber-threat facing SMEs in India is ransomware, an increasing frequent type of cyber-attack that has been increasing on a global scale over the past few years and in response, there have been numerous initiatives by various government agencies, industry organisations, and cyber-security firms designed to educate the general public on the risks of ransomware.
What is Ransomware?
Ransomware is a type of malware, which prevents all users being able to access their file system or access their data until they pay a ransom. In a standard ransomware event an attacker will breach the company's network, and encrypt all critical files so that they are unable to be used. The attacker usually demands payment in bitcoin because it is a difficult trace and promises to provide a key to unlock the data in exchange for the payment. Attackers gain access to company networks by using social engineering techniques such as phishing email, stolen password, or exploiting an unpatched vulnerability in the software that is running on the company's network.
The Rising Threat of Ransomware
Cybercriminals have created one of the most destructive varieties of cybercrimes around the world through ransomware; while experts in the cybersecurity field project losses to global ransomware damage may reach $30 billion by 2025. There has also been a marked increase in SMEs being attacked by ransomware-based cybercriminals throughout India. NASSCOM has done research and found that many SMEs in India have experienced attempted ransomware attacks in the past few years alone. According to incident reports provided through CERT-In, there has been a noticeable increase in the number of cybercrime occurrences throughout different sectors of India’s economy since those reports began. These developments have shown an increase in the size and level of sophistication of ransomware related threats.
Why Indian SMEs Remain Vulnerable Despite Awareness
Despite increased awareness about cyber threats, there is a large number of Indian SMEs that continue to be vulnerable to ransomware. The main reason is financial limitations. Many small businesses typically have limited financial resources and those limited resources more often than not, go towards operations, including production, logistics, and marketing - cybersecurity costs are usually viewed as additional costs.
Another significant problem facing SMEs is a shortage of skilled cybersecurity professionals. Large enterprises typically have dedicated security teams responsible for protecting the enterprise, whereas SMEs will employ IT staff generally without any specific expertise in detecting/countering cyber threats. Human error are also significant contributors to these cyber incursion events. An employee can inadvertently click on an email link or download an infected attachment, or use a weak password - all of which could provide opportunities for cybercriminals to access the company's network. Phishing emails continue to be the most common approach for initiating ransomware.
Furthermore - many SMEs have implemented digital platforms, such as cloud-based applications and payment processing, without appropriately executing cybersecurity planning prior to implementation. Many of the issues that have arisen from such rapid digitisation are due to a lack of sufficient planned cybersecurity measures as part of the implementation process. This has also resulted in a situation where technological advancements such as Ransomware as a Service (RaaS) have created an even larger pool of potential perpetrators (cybercriminals) with little-to-no expertise being able to launch a widespread ransomware campaign using readily available/pre-manufactured tools.
Real-World Cyber Incidents Affecting Indian SMEs
As several examples recently demonstrate, Indian SMEs continue to experience significant cyber attack risks. Recently, a logistics firm located in Gurugram found itself locked out of nearly 4,000 shipments due to a ransomware attack, which cost them ₹12 lakhs to fix because they had poor backups and another incident in Gurugram which highlights how vulnerable many SMEs in the country continue to be to ransomware attacks. In the case of a garments company, a hacker compromised the company's server by placing ransomware on its system. The company was forced to shut down its computerised warehouse system as a result of the attack. Only after the company had lost access to its system, did it receive a ransom demand from the hacker, in the form of an email requesting payment of 15 bitcoins (approximately ₹25 lakh), in order for the hacker to restore the company's access to the system. The hacker also threatened to delete the company's financial and banking records if the ransom were not paid. Gurgaon Police's Cyber Cell received the report of the incident, and registered a first information report (FIR) against unknown hackers. The case represents an opportunity for SMEs to evaluate the risks associated with ransomware.
Bridging the Gap Between Awareness and Implementation
Although awareness campaigns can show organisations what types of cybersecurity risks they’re exposed to, these campaigns will not keep businesses from being victims of a ransomware attack by themselves.. The most critical step forward is the implementation of the principles of cybersecurity from an understanding viewpoint to that of an active action. Organisations need to go beyond being aware of the risks related to cyber and then put measures in place to mitigate those risks.
To improve cybersecurity, organisations may need to spend money on developing and maintaining systems; set up regular training for employees on handling cyber threats and implementing an incident response plan to address security incidents; back up data regularly; maintain the hardware and software used in the organisation's computer systems at least once a month (or more often if necessary); and monitor all aspects of its computer systems continuously for weaknesses or problems.
The Way Forward: Strengthening SME Cybersecurity
In order to truly address the ransomware threat, collaboration by businesses, government agencies and cyber security professionals is mandatory. One of the biggest roles in this collaboration is through governmental initiatives to enhance the overall level of awareness of digital security among SMEs (small to medium-sized enterprises). Improved SME understanding of cyber risks will be based on the availability of affordable security solutions that are specifically tailored for small businesses.
Industry partnerships as well as public-private partnerships also aid the sharing of threat intelligence to strengthen collaborative defense against all cybercriminal activity.
Conclusion
Despite Indian SMEs being aware of cyber threats, they have been unable to implement safeguards or Cyber Security plans due to limited financial resources, insufficient qualified personnel, human errors, and the rapid pace at which digital technology is being adopted without adequate Cyber Security measures. In order to respond effectively to the growing threat of Ransomware, Indian SMEs must evolve from being aware of cyber threats to proactively developing Cyber Security strategies that will allow them to prevent, prepare for, and recover from the increased cyber threat posed by the rapidly growing digitalisation of business within an increasingly globalised economy.
References
- https://www.ibm.com/think/topics/ransomware
- https://primeinfoserv.com/indias-sme-cybersecurity-crisis-real-incidents-real-lessons-2024-2025/
- https://timesofindia.indiatimes.com/city/gurgaon/ransomware-attack-on-apparel-firm-all-data-lost/articleshow/59496777.cms#
- https://ciso.economictimes.indiatimes.com/news/cybercrime-fraud/indian-businesses-face-nearly-700-ransomware-attacks-per-day-kaspersky/120471668
- https://smestreet.in/msmenews/indian-smes-remain-alarmingly-exposed-to-ransomware-threats-sophos-report-2025-9456628
- https://m.economictimes.com/news/how-to/how-can-indian-smes-combat-ransomware-attacks/articleshow/108047111.cms
Related Blogs
Introduction
As our experiments with Generative Artificial Intelligence (AI) continue, companies and individuals look for new ways to incorporate and capitalise on it. This also includes big tech companies betting on their potential through investments. This process also sheds light on how such innovations are being carried out, used, and affect other stakeholders. Google’s AI overview feature has raised concerns from various website publishers and regulators. Recently, Chegg, a US-based tech education company that provides online resources for high school and college students, has filed a lawsuit against Google alleging abuse of monopoly over the searching mechanism.
Legal Background
Google’s AI Overview/Search Generative Experience (SGE) is a feature that incorporates AI into its standard search tool and helps summarise search results. This is then presented at the top, over the other published websites, when one looks for the search result. Although the sources of the information present are linked, they are half-covered, and it is ambiguous to tell which claims made by the AI come from which link. This creates an additional step for the searcher as, to find out the latter, their user interface requires the searcher to click on a drop-down box. Individual publishers and companies like Chegg have argued that such summaries deter their potential traffic and lead to losses as they continue to bid higher for advertisement services that Google offers, only to have their target audience discouraged from visiting their websites. What is unique about the lawsuit that has been filed by Chegg, is that it is based on anti-trust law rather than copyright law, which it has dealt with previously. In August 2024, a US Federal Judge had ruled that Google had an illegal monopoly over internet search and search text advertising markets, and by November, the US Department of Justice (DOJ) filed its proposed remedy. Some of them were giving advertisers and publishers more control of their data flowing through Google’s products, opening Google’s search index to the rest of the market, and imposing public oversight over Google’s AI investments. Currently, the DOJ has emphasised its stand on dismantling the search monopoly through structural separations, i.e., divesting Google of Chrome. The company is slated to defend itself before the DC District Court Judge Amit Mehta starting April 20, 2025.
CyberPeace Insights
As per a report by Statista (Global market share of leading search engines 2015-2025), Google, as the market leader, held a search traffic share of around 89.62 per cent. It is also stated that its advertising services account for the majority of its revenue, which amounted to a total of 305.63 billion U.S. dollars in 2023. The inclusion of the AI feature is undoubtedly changing how we search for things online. Benefits for users include an immediate, convenient scan of general information pertaining to the looked-up subject, but it may also raise concerns on the part of the website publishers and their loss of ad revenue owing to fewer impressions/clicks. Even though links (sources) are mentioned, they are usually buried. Such a searching mechanism questions the incentive on both ends- the user to explore various viewpoints, as people are now satisfied with the first few results that pop up, and the incentive for a creator/publisher to create new content as well as generate an income out of it. There might be a shift to more passive consumption rather than an active one, where one looks up/or is genuinely searching for information.
Conclusion
AI might make life more convenient, but in this case, it might also take away from small businesses, their finances, and the results of their hard work. It is also necessary for regulators, publishers, and users to continue asking such critical questions to keep the accountability of big tech giants in check, whilst not compromising their creations and publications.
References
- https://www.washingtonpost.com/technology/2024/05/13/google-ai-search-io-sge/
- https://www.theverge.com/news/619051/chegg-google-ai-overviews-monopoly
- https://economictimes.indiatimes.com/tech/technology/google-leans-further-into-ai-generated-overviews-for-its-search-engine/articleshow/118742139.cms?from=mdr
- https://www.nytimes.com/2024/12/03/technology/google-search-antitrust-judge.html
- https://www.odinhalvorson.com/monopoly-and-misuse-googles-strategic-ai-narrative/
- https://cio.economictimes.indiatimes.com/news/artificial-intelligence/google-leans-further-into-ai-generated-overviews-for-its-search-engine/118748621
- https://www.techpolicy.press/the-elephant-in-the-room-in-the-google-search-case-generative-ai/
- https://www.karooya.com/blog/proposed-remedies-break-googles-monopoly-antitrust/
- https://getellipsis.com/blog/googles-monopoly-and-the-hidden-brake-on-ai-innovation/
- https://www.statista.com/statistics/266249/advertising-revenue-of-google/#:~:text=Google:%20annual%20advertising%20revenue%202001,local%20products%20are%20more%20preferred.
- https://www.statista.com/statistics/1381664/worldwide-all-devices-market-share-of-search-engines/
- https://www.techpolicy.press/doj-sets-record-straight-of-whats-needed-to-dismantle-googles-search-monopoly/
Introduction
Meta is the leader in social media platforms and has been successful in having a widespread network of users and services across global cyberspace. The corporate house has been responsible for revolutionizing messaging and connectivity since 2004. The platform has brought people closer together in terms of connectivity, however, being one of the most popular platforms is an issue as well. Popular platforms are mostly used by cyber criminals to gain unauthorised data or create chatrooms to maintain anonymity and prevent tracking. These bad actors often operate under fake names or accounts so that they are not caught. The platforms like Facebook and Instagram have been often in the headlines as portals where cybercriminals were operating and committing crimes.
To keep the data of the netizen safe and secure Paytm under first of its kind service is offering customers protection against cyber fraud through an insurance policy available for fraudulent mobile transactions up to Rs 10,000 for a premium of Rs 30. The cover ‘Paytm Payment Protect’ is provided through a group insurance policy issued by HDFC Ergo. The company said that the plan is being offered to increase the trust in digital payments, which will push up adoption.
Meta’s Cybersecurity
Meta has one of the best cyber security in the world but that diest mean that it cannot be breached. The social media giant is the most vulnerable platform in cases of data breaches as various third parties are also involved. As seen the in the case of Cambridge Analytica, a huge chunk of user data was available to influence the users in terms of elections. Meta needs to be ahead of the curve to have a safe and secure platform, for this Meta has deployed various AI and ML driven crawlers and software which work o keeping the platform safe for its users and simultaneously figure out which accounts may be used by bad actors and further removes the criminal accounts. The same is also supported by the keen participation of the user in terms of the reporting mechanism. Meta-Cyber provides visibility of all OT activities, observes continuously the PLC and SCADA for changes and configuration, and checks the authorization and its levels. Meta is also running various penetration and bug bounty programs to reduce vulnerabilities in their systems and applications, these testers are paid heavily depending upon the scope of the vulnerability they found.
CyberRoot Risk Investigation
Social media giant Meta has taken down over 40 accounts operated by an Indian firm CyberRoot Risk Analysis, allegedly involved in hack-for-hire services along with this Meta has taken down 900 fraudulently run accounts, these accounts are said to be operated from China by an unknown entity. CyberRoot Risk Analysis was responsible for sharing malware over the platform and used it to impersonate themselves just as their targets, i.e lawyers, doctors, entrepreneurs, and industries like – cosmetic surgery, real estate, investment firms, pharmaceutical, private equity firms, and environmental and anti-corruption activists. They would get in touch with such personalities and then share malware hidden in files which would often lead to data breaches subsequently leading to different types of cybercrimes.
Meta and its team is working tirelessly to eradicate the influence of such bad actors from their platforms, use of AI and Ml based tools have increased exponentially.
Paytm CyberFraud Cover
Paytm is offering customers protection against cyber fraud through an insurance policy available for fraudulent mobile transactions up to Rs 10,000 for a premium of Rs 30. The cover ‘Paytm Payment Protect’ is provided through a group insurance policy issued by HDFC Ergo. The company said that the plan is being offered to increase the trust in digital payments, which will push up adoption. The insurance cover protects transactions made through UPI across all apps and wallets. The insurance coverage has been obtained by One97 Communications, which operates under the Paytm brand.
The exponential increase in the use of digital payments during the pandemic has made more people susceptible to cyber fraud. While UPI has all the digital safeguards in place, most UPI-related frauds are undertaken by confidence tricksters who get their victims to authorise a transaction by passing collect requests as payments. There are also many fraudsters collecting payments by pretending to be merchants. These types of frauds have resulted in a loss of more than Rs 63 crores in the previous financial year. The issue of data insurance is new to India but is indeed the need of the hour, majority of netizens are unaware of the value of their data and hence remain ignorant towards data protection, such steps will result in safer data management and protection mechanisms, thus safeguarding the Indian cyberspace.
Conclusion
cyberspace is at a critical juncture in terms of data protection and privacy, with new legislation coming out on the same we can expect new and stronger policies to prevent cybercrimes and cyber-attacks. The efforts by tech giants like Meta need to gain more speed in terms of the efficiency of cyber safety of the platform and the user to make sure that the future of the platforms remains secured strongly. The concept of data insurance needs to be shared with netizens to increase awareness about the subject. The initiative by Paytm will be a monumental initiative as this will encourage more platforms and banks to commit towards coverage for cyber crimes. With the increasing cases of cybercrimes, such financial coverage has come as a light of hope and security for the netizens.
.webp)
Executive Summary:
A viral video of the Argentina football team dancing in the dressing room to a Bhojpuri song is being circulated in social media. After analyzing the originality, CyberPeace Research Team discovered that this video was altered and the music was edited. The original footage was posted by former Argentine footballer Sergio Leonel Aguero in his official Instagram page on 19th December 2022. Lionel Messi and his teammates were shown celebrating their win at the 2022 FIFA World Cup. Contrary to viral video, the song in this real-life video is not from Bhojpuri language. The viral video is cropped from a part of Aguero’s upload and the audio of the clip has been changed to incorporate the Bhojpuri song. Therefore, it is concluded that the Argentinian team dancing to Bhojpuri song is misleading.
Claims:
A video of the Argentina football team dancing to a Bhojpuri song after victory.
Fact Check:
On receiving these posts, we split the video into frames, performed the reverse image search on one of these frames and found a video uploaded to the SKY SPORTS website on 19 December 2022.
We found that this is the same clip as in the viral video but the celebration differs. Upon further analysis, We also found a live video uploaded by Argentinian footballer Sergio Leonel Aguero on his Instagram account on 19th December 2022. The viral video was a clip from his live video and the song or music that’s playing is not a Bhojpuri song.
Thus this proves that the news that circulates in the social media in regards to the viral video of Argentina football team dancing Bhojpuri is false and misleading. People should always ensure to check its authenticity before sharing.
Conclusion:
In conclusion, the video that appears to show Argentina’s football team dancing to a Bhojpuri song is fake. It is a manipulated version of an original clip celebrating their 2022 FIFA World Cup victory, with the song altered to include a Bhojpuri song. This confirms that the claim circulating on social media is false and misleading.
- Claim: A viral video of the Argentina football team dancing to a Bhojpuri song after victory.
- Claimed on: Instagram, YouTube
- Fact Check: Fake & Misleading
