Cybereason study shows that paying for ransomware can encourage even more attacks

Cybereason study shows that paying for ransomware can encourage even more attacks
123RF

Among APAC organisations suffering a second attack, a quarter faced the same threat actor from before.

By on

As more organisations work online, ransomware attacks continue to be on the rise. In a global ransomware study of nearly 1,300 security professionals, Cybereason found that more than half of organisations globally have been the victim of a ransomware attack.

In Singapore, of the 100 companies surveyed, 90% of organisations that paid cyber-attackers faced a second ransomware attack – with 25% of businesses revealing that the second attack was from the same threat actor group before.

Of those organisations who paid the ransom demand to regain access to their encrypted systems, 28% reported that some or all of the data was corrupted during the recovery process.

These findings highlight why it does not benefit organisations to pay ransomware attackers. Instead, organisations should look into early detection and prevention strategies to protect themselves from ransomware attacks at the earliest stages before critical systems and data are put in jeopardy.

Other key Singapore findings:

  • Loss of Business Revenue: 73% of organisations reported loss of revenue following a ransomware attack
  • Ransom Demands Increasing: 37% of businesses that paid a ransom demand shelled out between USD 140,000 to USD 1.4 million, while 5% paid ransoms exceeding USD 1.4 million
  • Brand and Reputation Damage: 40% of organisations indicated that their brand and reputation were damaged as a result of a successful attack
  • C-Level Talent Loss: 13% of organisations reported losing C-Level talent as a direct result of ransomware attacks
  • Employee Layoffs: 13% reported being forced to layoff employees due to financial pressures following a ransomware attack
  • Business Closures: 20% percent of organisations reported that a ransomware attack forced the business to close down operations entirely

“The results speak for itself. Singapore businesses must understand that paying a ransom demand does not guarantee a successful recovery, does not prevent the attackers from hitting the victim organisation again, and in the end only exacerbates the problem by encouraging more attacks,” said Leslie Wong, Regional Vice President for APAC at Cybereason.

“Getting in front of the threat by adopting a prevention-first strategy for early detection will allow organisations to stop disruptive ransomware before they can hurt the business.”

To reach the editorial team on your feedback, story ideas and pitches, contact them here.
© iTnews Asia
Tags:
apac security singapore

Most Read Articles

Your organisation’s physical security can be a gateway for cybercriminals

Your organisation’s physical security can be a gateway for cybercriminals
Malaysia's Maxis Berhad investigates claims on alleged data breach

Malaysia's Maxis Berhad investigates claims on alleged data breach
Philippines Maxicare, Jollibee Foods Corporation hit by data breach

Philippines Maxicare, Jollibee Foods Corporation hit by data breach
DBS plans US$58 million investment to improve technology resilience

DBS plans US$58 million investment to improve technology resilience