New International Research Shows Ransomware Thrives in Complex and Fragmented IT Security Environments

India : Barracuda Networks, Inc., a leading cybersecurity company providing complete protection against complex threats for all-sized businesses, has released new research showing 34% of Indian organizations affected by ransomware were hit multiple times in the last 12 months as gangs exploit ineffective defenses and security fragmentation. The findings are detailed in the Ransomware Insights Report 2025, which also shows that for businesses in India, 71% of repeat victims say they are juggling too many security tools, and 57% say their tools don’t integrate, disrupting visibility and creating blind spots where attackers can hide.

The report is based on the findings of an international survey undertaken by Barracuda with Vanson Bourne, gathering insights from 2,000 IT and security decision-makers across North America, Europe, and Asia-Pacific. The results highlight how ransomware remains a persistent and lucrative threat, ruthlessly exploiting security complexity and coverage gaps to implement multidimensional attacks for maximum disruption and financial gain.

The research shows that:

  • 57% of the global organizations surveyed were affected by ransomware, including 70% of the banking sector, 67% of those in healthcare, and 65% of local government. This increased in India as over two-thirds (69%) of organizations reported that they had been affected.
  • Ransomware attackers have a one-in-three chance of payout. 32% of ransomware victims paid the attackers to recover or restore data, rising to 37% among organizations affected twice or more.
  • 41% of those who paid a ransom failed to recover all their data. There can be several reasons for this. The decryption tools provided by the attackers may not work, or they’ve only shared a partial key. Files can be damaged during the encryption and decryption processes, and sometimes the attackers take the ransom and don’t provide any decryption tools. A good and regularly updated backup offers proven protection against this risk.
  • Many ransomware victims have insufficient coverage in key security areas. For example, fewer than half (47%) of the ransomware victims had implemented an email security solution, compared to 59% of non-victims. This matters because email is a primary attack vector for ransomware: 71% of organizations that suffered an email breach were also hit with ransomware.
  • Ransomware attacks are multidimensional. In India, just under a quarter (23%) of the ransomware incidents experienced by respondents involved data encryption, while a significant number involved the attackers stealing (24%) and publishing data (19%), infecting devices with other malicious payloads (36%), installing backdoors for persistence (23%), and more.
  • The impact crater of a successful ransomware attack is expanding in India, withserious downstream consequences:

            1. 47% suffered brand and reputation damage

           2. 38% faced significant recovery costs

          3. 17% lost existing customers

         4. 22% missed out on new business opportunities

        5. 40% experienced employee productivity losses 

“The findings make it clear that ransomware is an escalating threat, and fragmented security defenses leave organizations immensely vulnerable,” said Parag Khurana, country manager for India at Barracuda. “In India, 46% of companies have experienced downtime and business disruption due to such attacks. Many of these companies are relying on a patchwork of disconnected tools, often introduced with good intentions, that fail to integrate or are misconfigured, creating serious vulnerabilities. Attackers exploit these gaps to move through networks undetected, accessing devices and data with ease. A unified, integrated security platform is essential to close these gaps and prevent breaches.”

Methodology

Barracuda commissioned independent market research company Vanson Bourne to conduct a global survey of 2,000 senior security decision-makers in IT and business roles in organizations with between 50 and 2,000 employees from a broad range of industries in the U.S., UK, France, DACH (Germany, Austria, Switzerland), Benelux (Belgium, the Netherlands, Luxembourg), the Nordics (Denmark, Finland, Norway, Sweden), Australia, India, and Japan. The fieldwork was conducted in April and May 2025.