2-8-2024 (SINGAPORE) A recent survey has unveiled a disconcerting trend in Singapore’s cybersecurity landscape, with a staggering 64% of local firms admitting to paying ransoms following cyberattacks in 2023. This revelation, brought to light by data security firm Cohesity, paints a worrying picture of the vulnerability of Singaporean businesses to digital extortion.
The study, released in early July, polled 302 IT and security executives across various sectors, including IT, telecommunications, manufacturing, healthcare, and financial services. Perhaps even more alarming is the scale of these payouts, with 36% of the affected companies shelling out at least US$500,000 to cyber criminals.
Ransomware attacks, which involve malicious actors encrypting files and demanding payment for their release, have become an increasingly prevalent threat globally. Singapore’s Cyber Security Agency (CSA) reported that local ransomware incidents remained stubbornly high in 2023, matching the previous year’s figure of 132 cases.
The global picture is equally grim, with the CSA’s Singapore Cyber Landscape 2023 report noting a record-breaking 49% surge in ransomware victims worldwide compared to 2022. Manufacturing and construction sectors bore the brunt of these attacks, possibly due to less mature cybersecurity measures and higher susceptibility to operational disruptions.
James Blake, Cohesity’s global cyber resilience strategist, expressed significant concern over the survey’s findings. Despite 71% of respondents claiming their companies had “do not pay” policies in place, the high percentage of firms capitulating to ransom demands suggests a troubling disconnect between policy and practice.
The willingness to pay substantial ransoms is particularly worrying. A staggering 80% of surveyed executives indicated their company would pay to recover data and restore business processes. Even more concerning, nearly 60% said their firm would consider ransoms exceeding US$1 million, with 16% prepared to pay over US$5 million.
These figures aren’t merely hypothetical. In April, Singaporean law firm Shook Lin & Bok fell victim to a ransomware attack, eventually paying US$1.4 million in Bitcoin to the Akira ransomware group after negotiations.
The CSA, while acknowledging the insights provided by such surveys, maintains a firm stance against ransom payments. The agency emphasises the importance of proactive measures, including the implementation of robust cybersecurity protocols and the use of available resources such as advisories, toolkits, and certification schemes.
In the event of an attack, the CSA urges companies to utilise the Singapore Police Force’s Ransomware Portal and report incidents to the Singapore Cyber Emergency Response Team (SingCERT). For regulated entities and critical information infrastructure, reporting such incidents is mandatory under the Cybersecurity Act.
Despite the concerning trends, experts like Associate Professor Liang Zhenkai from the National University of Singapore’s Department of Computer Science suggest that while ransomware attacks are on the rise, the increase is not yet at an “alarming rate”. Prof Liang emphasises the importance of vigilance and good cyber hygiene practices, including proper data backup and recovery processes.
