Major Indian tech firm Tata Technologies has confirmed it suffered a ransomware attack that forced it to take a number of its IT systems offline.
A subsidiary of major automobile manufacturer Tata Motors, Tata Technologies provides engineering and digital services to a range of manufacturers in the automotive, aerospace, and industrial machinery industries.
In an official statement provided to the Indian Stock Exchange on 31 January 2025, the company said the attack affected “a few of our IT assets”, forcing it to temporarily suspend some of its services as a precautionary measure.
The statement added that these services have now been restored, and Tata Technologies’ client delivery services were unaffected and remained fully functional throughout.
“Further detailed investigation is underway in consultation with experts to assess the root cause and to take remedial action as necessary. We remain committed to the highest standards of security and data protection and are taking all necessary steps to mitigate any potential risks”, the statement concluded.
Further details including the identity of the threat actors responsible – or the means by which they achieved access to some of Tata Technologies’ IT assets and corporate network – were not included in the filing.
Ransomware attacks targeting India spiked 55% in 2024
Ransomware attacks targeting India-based companies appear to be on the rise, according to data collected by CyberPeace.
Research from the security firm identified 98 ransomware incidents impacting various sectors in India, which represents a 55% increase compared to the 63 attacks recorded in 2023.
“This surge highlights a concerning trend, as ransomware groups continue to target India's critical sectors due to its growing digital infrastructure and economic prominence,” CyberPeace warned.
Trend Micro’s 2024 Midyear Cybersecurity Threat Report found India ranked tenth overall and sixth in Asia for ransomware threats, accounting for 5% of all ransomware incidents in Asia and just under 3% globally.
In one case, Comtel, a data center operator hosting critical infrastructure for a number of brokerage firms in India, was hit with a ransomware attack in December 2024 that resulted in a temporary suspension of the affected stock brokers by two of India's leading exchanges.
RELATED WHITEPAPER
The finance sector accounted for 10% of the incidents recorded in 2024, CyberPeace found, but the industrial sector was by far the most frequently targeted industry in India, accounting of 75% of total incidents.
The Tata conglomerate has been the victim of previous ransomware activity in recent years. In October 2022, the Hive ransomware group claimed responsibility for an attack on Tata Power, locking down its IT systems and exfiltrating sensitive information.
A sample of the stolen information posted to the group’s leaksite included contracts with suppliers and employees, ‘master’ files on several employees, and details of senior executives’ remuneration packages.
-
How to implement a four-day week in techIn-depth More companies are switching to a four-day week as they look to balance employee well-being with productivity
-
Intelligence sharing: The boost for businessesIn-depth Intelligence sharing with peers is essential if critical sectors are to be protected
-
Hackers breached a 158 year old company by guessing an employee password – experts say it’s a ‘pertinent reminder’ of the devastating impact of cyber crimeNews A Panorama documentary exposed hackers' techniques and talked to the teams trying to tackle them
-
The ransomware boom shows no signs of letting up – and these groups are causing the most chaosNews Thousands of ransomware cases have already been posted on the dark web this year
-
Simplifying Password Management eBookWhitepaper
-
Living off the Land eBookWhitepaper
-
The Public Sector's Guide to Privilege and Password ManagementWhitepaper
-
Zero Standing Privilege: Automating Cybersecurity Without Disrupting ProductivityWhitepaper
-
‘The worst thing an employee could do’: Workers are covering up cyber attacks for fear of reprisal – here’s why that’s a huge problemNews More than one-third of office workers say they wouldn’t tell their cybersecurity team if they thought they had been the victim of a cyber attack.
-
Everything we know about the Ingram Micro cyber attack so farNews A cyber attack on Ingram Micro severely disrupted operations and has been claimed by the SafePay ransomware group.
