Indian Firms Face ₹4 Crore Average Ransomware Demands: Sophos Report

Rapid Summary

• Median Ransom Payment: Indian companies paid a median of ₹4 crore (USD 481,636) in ransomware demands, according to the Sophos “State of Ransomware 2025” report.
• Recovery Costs: On average, ₹8 crore (USD 1.01 million) was spent per attack for recovery.
• Payment Trends:

– 53% of Indian organizations surveyed paid ransoms, down from last year’s 65%.
– nearly half paid the full ransom amount; 12% even paid more than initially demanded.

• Common Causes of Breaches:

– Exploited vulnerabilities accounted for 29% of breaches.
– Compromised credentials made up another significant share at 22%.
– Organizational challenges included staffing shortages and inadequate cybersecurity measures cited by over two-thirds of respondents.

• High Ransom Demands Persist: Despite reduced demands compared to last year, nearly half (49%) faced ransom requests exceeding USD $1 million.
• Data Theft Risks: About one-third (31%) reported data theft during encryption-related attacks.

!Read More