India sees spike in AI driven ransomware attacks

By Vriti Gothi

Nearly half of Indian organisations experienced at least one ransomware attack in the past year, according to the latest Global Ransomware Survey by OpenText. The research reveals India as one of the most targeted and AI-exposed markets worldwide, with over 71% of enterprises reporting a rise in AI-enabled phishing and deepfake attempts.

The findings come at a pivotal time for India’s rapidly digitising economy, where generative AI is transforming operations and productivity. Almost all surveyed organisations (95%) allow employees to use generative AI tools, yet only just over half have implemented formal policies on AI usage or data privacy. This imbalance underscores the growing complexity of securing hybrid, AI-driven environments.

Conducted across seven countries with nearly 1,800 security professionals and business leaders, including over 200 from India, the survey highlights both progress and persistent gaps in cyber readiness. Among Indian organisations that suffered ransomware incidents, nearly 70% paid a ransom to recover access to data, one of the highest global payment rates. However, only about 12% fully regained their encrypted or stolen information, revealing a stark divide between perceived and actual preparedness.

“Organisations are right to be confident in their progress in security posture, but they can’t afford to be complacent,” said Muhi Majzoub, Executive Vice President, Security Products, OpenText. “AI fuels productivity while also heightening risk through insufficient governance and its expanding use in attacks. Managing information securely and intelligently is essential to building resilience in organisations of any size.”

The survey findings also illuminate a widening AI confidence gap as companies adopt AI to drive innovation; many struggle to match the pace of implementation with governance maturity. 66% of Indian respondents encountered deepfake-style impersonation attempts, including voice and video spoofing, while 71% observed an overall increase in AI-related phishing or ransomware attempts.

Ransomware threats are also becoming more intricate, increasingly entering through third-party service providers and software supply chains. Nearly two-thirds of Indian organisations reported being impacted by breaches linked to vendors or managed service partners in the past year. In response, 91% now conduct formal cybersecurity assessments of software suppliers, and 83% outsource elements of their security operations to managed service providers. Despite this, the dependency on interconnected ecosystems continues to pose systemic risks, particularly across technology, financial services, and manufacturing sectors.

Encouragingly, Indian leadership teams are elevating cybersecurity to the boardroom. 84% of executives now rank ransomware among their top three business risks higher than the global average of 71%. This shift is reflected in stronger operational practices, with 80% of organisations conducting regular security awareness training and 76% testing their ransomware recovery plans multiple times per year.

The OpenText Cybersecurity 2025 Global Ransomware Survey reinforces that combating ransomware is no longer an isolated IT challenge but a collective enterprise imperative. As AI continues to redefine both attack vectors and defence mechanisms, resilience will increasingly depend on robust governance, data visibility, and shared responsibility across digital ecosystems.