Singapore companies pay average S$1.5m after ransomware attack: report

COMPANIES in Singapore that are hit by a ransomware attack are paying an average of around S$1.5 million, a survey by cybersecurity technology company Cybereason has found.

However, after paying the sums demanded, more than half (55 per cent) of the survey respondents from Singapore said that their services were not released or were found to have been corrupted.

To add salt to the wound, some organisations are hit a second time within 4 to 7 days, as was reported by 56 per cent of respondents in Singapore.

These are among key findings of Cybereason’s second annual ransomware study, the findings of which were unveiled on Wednesday (Jun 8). The survey was conducted by research firm Censuswide in April.

The report said 1,456 cybersecurity professionals took part in the survey, with 7 per cent of the respondents from Singapore. The survey participants were from companies and organisations with 700 or more employees; the industries covered in the research included financial services, retail, government and manufacturing.

Of the respondents from Singapore, 80 per cent reported that they had been hit by a ransomware attack in the last 24 months.

GET BT IN YOUR INBOX DAILY

Start and end each day with the latest news stories and analyses delivered straight to your inbox.

Sign UpVIEW ALL

And among the Singapore participants, 85 per cent reported being hit again with a second ransomware attack — despite having paid the ransom. Of that number, 88 per cent said the second attack came in less than a month; 62 percent said that the threat actors demanded a higher ransom amount.

Eric Nagel, Asia-Pacific general manager at Cybereason, said: “After being hit the first time by a ransomware attack, organisations need time to assess their security posture, determine the right tools to deploy, and then find the budget to pay for it.

“The ransomware gangs know this — and it is the biggest reason they strike again quickly.”

Those that paid to retrieve their encrypted systems cited a few factors for doing so: 42 per cent of the respondents said they feared losing business; 48 per cent believed it was the fastest way to get their services back up. A smaller percentage of respondents (28 per cent) cited life-and-death reasons for acceding to the ransom demand.

As ransomware attackers tend to demand for payment in cryptocurrency, a third (33 per cent) of the respondents in Singapore disclosed that they will open a cryptocurrency wallet in the event of further ransomware attacks.

With 80 per cent of the Singapore respondents reporting ransomware attacks in the last 2 years, the Republic is ranked higher than the global baseline of 72 per cent over the same time period, the report noted.

Globally, 73 per cent of the respondents said they were targeted by at least 1 ransomware attack in the last 2 years, and 80 per cent of them who paid the first demand were hit again a second time.