Sophos, a renowned provider of cybersecurity services, has recently published its annual report titled “State of Ransomware 2023,” highlighting a significant rise in ransomware attacks targeting Singaporean organizations. The report, based on a comprehensive survey, found that 84% of surveyed organizations in Singapore fell victim to ransomware attacks in 2022, a sharp increase compared to the 65% reported the previous year. This surge in attacks has propelled Singapore to the top spot among all surveyed countries, reporting the highest rate of ransomware incidents this year.
The study examined 3,000 cybersecurity and IT leaders worldwide between January and March 2023, providing insights into the current landscape of ransomware attacks. In 61% of the attacks on Singaporean organizations, adversaries successfully encrypted their data. Furthermore, 53% of those affected organizations resorted to paying the ransom to retrieve their data, marking an increase from 48% the previous year. This payment rate exceeds the global average of 47%.
The repercussions of paying ransoms are significant, both in terms of financial costs and recovery time. The survey revealed that organizations paying ransoms experienced double the recovery costs compared to those utilizing backups ($750,000 versus $375,000, respectively). Additionally, paying the ransom often resulted in lengthier recovery times, with only 39% of paying organizations recovering their data within a week, while 45% of those relying on backups achieved the same recovery timeline.
Chester Wisniewski, field CTO at Sophos, expressed concern over the high rates of encryption observed in these attacks. He noted that ransomware crews have been refining their attack methods, accelerating their schemes to impede defenders’ ability to disrupt them effectively.
The study also shed light on the root causes of ransomware attacks. Exploited vulnerabilities were the most common cause, accounting for 43% of incidents, followed by compromised credentials at 26%. These findings align with Sophos’ 2023 Active Adversary Report for Business Leaders, which presented real-world incident response data.
Several additional global findings emerged from the report. Notably, in 30% of cases where data was encrypted, the data was also stolen, indicating a growing prevalence of the “double dip” approach involving data encryption and exfiltration. The education sector suffered the highest levels of ransomware attacks, with 79% of higher education organizations and 80% of lower education organizations falling victim to such attacks.
While the overall percentage of organizations paying ransoms stood at 46%, larger organizations were more likely to succumb to the demands. Businesses with revenues exceeding $500 million had the highest payment rate, with the highest reported among those with revenue over $5 billion. This discrepancy may be attributed to larger companies often having standalone cyber insurance policies that cover ransom payments.
Wisniewski stressed the importance of lowering both the time to detect and the time to respond to ransomware attacks. He recommended human-led threat hunting, as experienced analysts can swiftly recognize intrusion patterns and take immediate action. With vigilant 24×7 monitoring, organizations can mount an effective defense against these threats.
To bolster defenses against ransomware and other cyberattacks, Sophos outlined several best practices in their report. These include implementing security tools that safeguard against common attack vectors, employing adaptive technologies that disrupt adversaries, and maintaining 24/7 threat detection and response capabilities. Furthermore, optimizing attack preparation by regularly backing up data, practicing data recovery, and updating incident response plans, along with maintaining good security hygiene, such as timely patching and reviewing security configurations, are essential steps.
You must log in to post a comment.