Cybercrime 2.0: Evolving Ransomware Calls for Urgent Cybersecurity Action
Bangalore, July 25th 2025: As the global threat landscape shifts, ransomware continues to dominate as one of the fastest-evolving and most damaging forms of cybercrime. Marking Ransomware Awareness Month, Mr. Karmendra Kohli, CEO and Cofounder of SecurEyes, has called on Indian organisations and citizens to step up cybersecurity readiness and treat ransomware not as a one-time threat, but as a persistent risk demanding long-term vigilance.
Ransomware attacks work by encrypting digital files and systems, rendering them inaccessible until a ransom is paid—often in cryptocurrency. In recent years, this criminal tactic has morphed from isolated malware into a full-fledged industry. The emergence of Ransomware-as-a-Service (RaaS) has enabled even low-skilled attackers to rent or purchase ready-made ransomware kits, making advanced attacks more accessible than ever before.
“Ransomware is no longer just malicious code—it’s a commercial operation with its own business model, partners, and service delivery,” said Mr. Kohli. “The barrier to entry has dropped, while the sophistication of attacks continues to rise.”
Attackers today are not only locking systems but also engaging in double extortion: stealing sensitive data and threatening to leak it publicly if the ransom is not paid. This puts organizations at greater legal and reputational risk, particularly under India’s newly implemented Digital Personal Data Protection Act (DPDPA) and other global privacy regulations.
Adding to the complexity is the use of artificial intelligence (AI) by cybercriminals. AI is being weaponised to automate phishing attacks, identify weak targets, evade detection systems, and even conduct ransom negotiations through intelligent chatbots. This AI-powered shift is making it more difficult for traditional defences to keep pace.
In response, Mr. Kohli advocates for a multi-layered defence strategy. He identifies human error as the most common entry point for ransomware, urging companies to invest in ongoing cyber awareness programmes through interactive sessions, visual reminders, and periodic drills.
Beyond awareness, technical safeguards remain critical. Regular software updates, strong passwords, two-factor authentication, and avoidance of pirated tools form the baseline of digital hygiene. Most essential to recover from a ransomware attack is the habit of creating frequent offline backups, which allow affected systems to be restored without giving in to ransom demands.
For enterprises deploying Security Operations Centres (SOCs) to monitor networks in real time, implementing network segmentation to contain breaches, and developing robust incident response frameworks to build cybersecurity resilience are of paramount importance. He also emphasizes to look closely into third-party vendor risks, as attackers are increasingly infiltrating organizations through compromised partners in the supply chain.
“In the event of an attack, isolate affected systems immediately and report the breach to cybersecurity teams and law enforcement,” he advised. “Decision of paying ransom or not has its own dilemmas and a stand has to be taken based on situational awareness during an attack; with a collective understanding that such decisions have their own legal and ethical complications, and recovery is never guaranteed.”
Ransomware is not just a technical issue, it’s a risk to business continuity, public trust, and national security. The time to act is now.