As many as 65 per cent of organisations in Singapore were hit by ransomware in 2021, up from 25 per cent in 2020, according to cybersecurity firm Sophos.
The average ransom paid out by victims that had data encrypted in their most significant attack rose six-fold from US$187,500 to US$1.16 million in the same period, the company revealed, in a ransomware report out today.
The signs are not surprising, given the increased digitalisation of organisations across the world, though the numbers will make for worrying reading.
For example, 64 per cent of attacks resulted in data being encrypted, up from 49 per cent a year ago. This meant that hackers are getting more successful in attacking victims.
The cost to recover from such attacks was also alarming. Organisations in Singapore had to incur S$1.9 million on average to recover their most recent ransomware attack, according to Sophos.
Eighty-seven percent of organisations said the attack had impacted their ability to operate, and 83 per cent of victims said they had lost business and/or revenue because of the attack.
The report surveyed 5,600 mid-sized organisations in 31 countries
across Europe, the Americas, Asia-Pacific, the Middle East, and Africa, with 965 sharing details of ransomware payments. This included 150 organisations in Singapore, of whom 30 shared details of ransomware payments.
The findings are consistent with a threat advisory that the Singapore government’s Cyber Security Agency put out last year, which warned of more sophisticated ransomware attacks as well as threats to the remote workforce and supply chain.
If the outlook looks gloomy, one piece of good news from the Sophos report is that organisations seem more prepared today, for example, by using cyber insurance to recover from an attack.
According to the findings, 86 per cent of mid-sized organisations had cyber insurance that covers them in the event of a ransomware attack – and, in almost all incidents, the insurer paid some or all the costs incurred.
At the same time, all Singaporean respondents said their organisations have made changes to their cyber defences over the last year to improve their insurance position.
Eighty per cent have implemented new technologies or services, 60 per cent have increased staff training and education activities, and 53 per cent have changed their processes and behaviours.
“In recent years, it has become increasingly easy for cybercriminals to deploy ransomware, with almost everything available as-a-service,” said Chester Wisniewski, principal research scientist at Sophos.
“Second, many cyber insurance providers have covered a wide range of ransomware recovery costs, including the ransom, likely contributing to ever higher ransom demands,” he noted.
“However, the results indicate that cyber insurance is getting tougher and in the future ransomware victims may become less willing or less able to pay sky high ransoms,” he pointed out.