Enan Tech Private Limited in Bengaluru fell victim to a ransomware attack on November 21, encrypting vital data during a server migration and rendering it inaccessible. The East Cybercrime Police filed an FIR on November 26 after data protection officer Abhishek Anigol reported the breach. Such incidents expose how even routine IT updates become gateways for hackers targeting small firms.
Ransomware plagues India with nearly half of organisations hit in the past year, yet many go unreported to evade reputational damage or futile probes. A 55% surge saw 98 attacks in 2024, peaking in industrial sectors like Enan Tech's. Victims often pay ransoms — 70% in recent surveys — highlighting the scourge's unchecked spread.
Bangalore Police's cyber units register cases under IT Act sections but struggle with decryption, tracing dark web threats, or recovery amid rising complaints. Similar strikes hit BSR Infratech in Yelahanka earlier this year, demanding Rs 66 lakh, and Whiteboard Technologies with Rs 60 lakh extortion. These echo helplessness as investigations drag without arrests.
The DPDP Act mandates data safeguards but lacks ransomware-specific teeth, offering limited relief beyond fines for breaches. Police competencies lag despite new units, leaving firms to bear losses alone. Without robust enforcement, victims remain vulnerable in this digital siege.
RANSOMWARE RAMPAGE: STATE POWERLESS, FIRMS PAY OR PERISH