According to cybersecurity company Sophos, 97% of organisations in Singapore hit by ransomware last year sought law enforcement or official government bodies for help.
They mainly received advice on dealing with ransomware (69%) and got assistance from law enforcement to recover their data from the ransomware attack (62%).
“Victim shaming has long been a consequence of a cyberattack but we’ve made progress on that front, both within the security community and at the government level. New regulations on cyber incident reporting, for example, appear to have normalised engaging with law enforcement, and our survey data shows organisations are taking steps in the right direction,” says Chester Wisniewski, director, field CTO at Sophos.
He continues: “Criminals are successful in part due to the scale and efficiency with which they operate. [This calls for] the public and the private sectors to continue galvanising as a group effort to help businesses. [That way,] we can continue to improve our ability to recover quickly and gather intelligence to protect others or even potentially hold those conducting these attacks responsible.”
Ransomware trends
Sophos’ data for the State of Ransomware 2024 survey also reveals that organisations in Singapore paid an average of US$1,584,130 in ransom last year. This is on top of the average recovery cost of US$2.2 million.
Exploited vulnerabilities were the most commonly identified root cause of a cyberattack, impacting 33% of Singaporean organisations. The impact of cyberattacks originating from exploited vulnerabilities was found to be most severe, with a higher rate of backup compromise (75%), data encryption (67%) and the propensity to pay the ransom (71%).
“The two most common root causes of ransomware attacks — which are exploited vulnerabilities and compromised credentials — are preventable, yet still plague too many organisations. Businesses need to critically assess their levels of exposure to these root causes and address them immediately. In a defensive environment where resources are scarce, it's time organisations impose costs on the attackers, as well. Only by raising the bar on what's required to breach networks can organisations hope to maximise their defensive spend,” says John Shier, field CTO, Sophos.
Sophos recommends the following best practices to help organisations defend against ransomware and other cyberattacks:
- Understand your risk profile with tools that can assess an organisation’s external attack surface, prioritise the riskiest exposures and provide tailored remediation guidance.
- Implement endpoint protection that is designed to stop a range of evergreen and constantly changing ransomware techniques.
- Bolster your defences with round-the-clock threat detection, investigation and response, either through an in-house team or with the support of a Managed Detection and Response (MDR) provider.
- Build and maintain an incident response plan, make regular backups and practise recovering data from them.