SINGAPORE: Ransomware attacks are on the rise, and companies in Singapore are among the most targeted in the world , according to a recent study.
Despite this, companies here tend to prioritise recovery rather than prevention, said a report released last month by cybersecurity technology firm Cybereason.
Ransomware is a type of spyware and adware that typically infiltrates a computer system plus encrypts the data within. Criminals then requirement a ransom, harmful to leave this locked up and inaccessible.
Criminals are also increasingly utilizing a “double extortion” strategy, where they not just encrypt the data but also steal it plus threaten to outflow or sell it online.
Cybereason said Singapore businesses had been witnessing the greatest amount of such attacks among the countries polled, with 80% of respondents here saying their particular organisations had been hit by a ransomware attack in the past 24 months. Internationally, the average figure had been 72%.
The percentage of Singapore organisations that documented at least one attack in the past year also flower from 60% in last year’s are accountable to 80% this year.
Cybereason’s field chief security officer for that Asia-Pacific region D. K. Chim stated the recent ransomware “gold rush” among cyber criminals is a result of the fact that it is getting easier for criminals to carry out such episodes, while many organisations are also now more dependent on digital facilities than before.
Many ransomware gangs now operate such as legitimate companies with complex yet efficient business models, Chim said.
He added: “Ransomware is an extremely lucrative model along with little to simply no risk involved for that threat actors, as they often operate in countries with no extradition treaty… This allows them to operate with close to impunity. ”
The developers of the malware are progressively opting to share their own tools with “affiliates”, such as those who specialise in gaining unauthorised entry to networks, in exchange for any fee or a cut of the ransom.
Two prominent plus commonly used types of ransomware, called LockBit 2 . 0 and Conti, operate under a “ransomware-as-a-service” model.
Chim said factors like lack of cyber cleanliness as well as lack of visibility and detection associated with cyber criminals are usually overwhelming many companies’ security operations, which includes but not limited to those people in Singapore.
According to the study, Singapore respondents had the best confidence in their organisations’ ability to manage a ransomware attack. About 64% said these were confident in their organisations’ people, while 61% were confident in their policies.
Participants from Britain got the highest level of self-confidence in their organisations’ individuals and policies, on 94% and 77% respectively.
“Basic cyber hygiene is usually lacking among employees, which is obvious when they open phishing email messages or select unconfident passwords, ” Mister Chim said.
“Preventing this may not necessarily require more budget, technology, or manpower. Instead, it requires a better understanding of how ransomware occurs and the execution of measures that will drastically reduce the capability of cyber criminals to snatch important data. ”
Following an attack, Singapore organisations increased their security budgets simply by an average of 12%, which was below the global typical of 19%.
They were also among the least likely to apportion additional security budget to hiring talent to bolster their own defences, with just 41% of participants here saying their particular companies would do so, compared with the global typical of 51%.
A third of the respondents said their organisations had set up cryptocurrency wallets in concern of paying off upcoming ransomware attacks, because the criminals often requirement to be paid within Bitcoin.
The particular survey, conducted within April, polled nearly 1, 500 cybersecurity professionals from companies with at least seven hundred employees in the United States, Britain, Germany, France, Japan, Italy, South Africa, the particular United Arab Emirates and Singapore. Individuals in Singapore comprised about 7% of the sample, or just over 100 respondents.
The study also found that will giving in to the bad guys and paying the particular ransom did not guarantee the safe return of stolen data.
Among companies that chose to spend the ransom to regain access to their particular systems, about 54% found that program issues persisted after recovery, or that will at least some of their data was corrupted after decryption. This find is also on the rise, escalating from the 46% who also said the same in 2021.
The most typical types of stolen information were sensitive client data, personally identifiable details, intellectual property and protected health information.
Successfully targeted organisations were also susceptible to repeat attacks. One of the organisations that paid the first ransom, nearly 80% were strike with another attack soon after. Of this team, 68% said the second attack took place inside a month of the 1st and came with a better ransom amount, while about half said they were hit again by the same attackers.
Despite this, organisations might be motivated to pay the ransom in cases like life-or-death situations or national emergencies, Chim noted.
According to the study, about 28% of all the respondents, including those in the healthcare sector, said these people paid up to avoid the potential injury or even loss of life that could result from critical techniques being blocked.
“Companies might also feel that paying gives all of them the fastest achievable route to return operations to normal, ” Chim added.
More than half of the respondents whose organisations were strike by a ransomware strike were forced to briefly or permanently suspend their business procedures as a result.
Some organisations that compensated up said they will did so to avoid loss of business revenue and expedite the recovery process. Other people said they do so because they had been unprepared for this kind of attack and did not back up their data or did not possess the staff needed to effectively respond to the attack.
The Internet Security Agency of Singapore (CSA) stated it does not recommend that victims of ransomware pay out the attackers, as this encourages them to keep on their criminal routines and target more victims.
Organisations that pay upward may also be seen as smooth targets that can be attacked again in long term, the agency additional.
“We are seeing the ransomware threat becoming more typical and disruptive since it is profitable and profitable for the cyber criminals behind these assaults, ” said a CSA spokesman.
“Disrupting their business structure and curbing the profits made will go a long way to tackle the problem. ”
CSA said the vast majority of cyberattacks can be prevented by taking proper precautions.
“We encourage company owners to view cybersecurity as an investment for the future, and set in place robust cybersecurity measures to ensure that their own systems are protected and resilient. ” – The Straits Times (Singapore)/Asia News Network