SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Organisations in Singapore paying multiple ransom demands
Thu, 9th Jun 2022
FYI, this story is more than a year old

Cybereason has released results of its second annual ransomware study during a year of unprecedented attacks to better understand the true impact on businesses.

The global study reveals that 80% of organisations in Singapore suffered at least one ransomware attack in 2022, compared to the 60% reported in 2021.

The study once again finds that ‘it doesn't pay-to-pay' a ransom demand. 85% of organisations that paid the first ransom demand were hit again, with 88% saying the second attack came in less than a month, and 62% stating that threat actors demanded a higher ransom amount.

The report, titled Ransomware: The True Cost to Business Study 2022, further revealed that 45% of organisations who opted to pay a ransom demand in order to regain access to their encrypted systems had some or all of their data corrupted during the recovery process. This is in contrast to the 28% reported in 2021, an increase of 60% year-on-year. These findings underscore why it does not pay to pay ransomware attackers, and that organisations should focus on detection and prevention strategies to end ransomware attacks at the earliest stages before critical systems and data are put in jeopardy.

“Ransomware attacks are traumatic events, and when ransomware gangs attack a second, third or fourth time in a matter of weeks, it can bring an organisation to its collective knees," says Eric Nagel, general manager for APAC at Cybereason.

"Deploying effective anti-ransomware solutions is easier said than done, and the hackers know it. After being hit the first time by a ransomware attack, organisations need time to assess their security posture, determine what are the right tools to deploy, and then find the budget to pay for it," he says.

"The ransomware gangs know this, and it is the biggest reason they strike again quickly.”

Key findings in the research include:

  • A Weak Supply Chain Leads to Ransomware Attacks: Nearly two-thirds of companies (63%) believe the ransomware gang got into their network via one of their suppliers or business partners.
  • Senior Leadership Attrition: Nearly 40% of companies suffered C-level resignations following a ransomware attack.
  • A Matter of Life and Death: Nearly 30% of companies said they paid a ransom because of the risk to human life due to system downtime.
  • Ransom Demands Increase with Each Attack: Around 60% of companies paid a higher ransom demand the second time.
  • Ransomware Attacks Lead to Business Disruptions: Over half of companies (55%) were forced to temporarily or permanently suspend operations following a ransomware attack.
  • Layoffs Result from Ransomware Attacks: Nearly 20% of companies laid off staff as a result of the attack.
  • Organisations Don't Have the Right Tools: Over 90% of companies admitted that ransomware gangs were in their network up to 6 months before they discovered them. This points to the double extortion model where attackers first steal sensitive data then threaten to make it public if the ransom demand is not paid.