Ransomware attacks are on the rise in the Asia Pacific region with organizations suffering financial and legal implications. 

Ransomware attacks are on the rise in the Asia Pacific region with organizations suffering financial and legal implications. Photo: aslysun/Shutterstock 

Ransomware attacks still a big problem in APAC

By | 7 February, 2022

  • Ransomware attacks are on the rise in the Asia Pacific region with organizations suffering financial and legal implications 
  • India topped the global list of countries hit by ransomware, with 68% of the respondents reporting attacks
  • 80% of organizations in the APAC were affected by ransomware attacks in 2021, with 51% paying the ransom

The Asia Pacific (APAC) region is being affected by a rise in organized cybercrime. The rapid growth of e-commerce, with its increasing reliance on online transactions and services, has been accompanied by the growth of the region’s cybercrime industry. 

Ransomware attacks are on the rise in the region, making them more prevalent now than ever before. While some organizations have suffered financially, others have suffered legal ramifications. 

According to the Global State of Industrial Cybersecurity 2021: Resilience Amid Disruption report released by Claroty,  80% of organizations in the APAC were affected by ransomware attacks in 2021, with 51% paying the ransom.

As more people work from home, cybercrime is on the rise, with criminal opportunists taking advantage of devices and connections with weak security. (Photo by Ina FASSBENDER / AFP)As more people work from home, cybercrime is on the rise, with criminal opportunists taking advantage of devices and connections with weak security. (Photo by Ina FASSBENDER / AFP)

CYBERCRIME IS RISING, AND APAC USERS CAN DO MORE TO FIGHT IT

Jamilah Lim | 20 July, 2021

This independent survey was carried out in the United States, Europe, and APAC, to determine how organizations dealt with ransomware challenges in 2021 and their levels of resiliency and priorities moving forward.

Meanwhile, according to Sophos’ The State of Ransomware 2021 report, India topped the global list of countries hit by ransomware, with 68% of the respondents reporting attacks.

APAC had the highest number of organizations attacked weekly at 1,338 compared to EMEA (Europe, Middle East, and Africa) with 777 cases and the Americas at 688.

Indonesia, Japan, Singapore experienced the sharpest increase in attack activity in the region till the middle of the year.

Universally increased investment in cybersecurity

Businesses are starting to understand that cybersecurity is not just a good idea; it’s necessary

Cyberattacks can be devastating for businesses of all sizes, and they’re happening more often than you might think. Cybercriminals constantly look for ways to slip malicious code into networks and encrypt data, making it impossible to retrieve without paying a ransom.

According to a Check Point study published in May 2021, there was a 168% increase, year-on-year, in the number of cyberattacks in the region. The study estimated that an organization in the APAC region suffers from 1,245 weekly attacks.

Therefore, there was universally increased investment in cybersecurity. According to Claroty, strengthened cybersecurity measures over the past two years were driven by the pandemic and high-profile and highly damaging ransomware attacks in 2021: on Colonial Pipeline and global meat processor JBS, as well as the SolarWinds supply chain attack.

Ransomware is still a big problem

The cyberattacks are a chilling reminder of businesses’ vulnerability to hackers and their effects. More than half of the respondents (52%) in APAC said cybersecurity had become a higher priority after an attack, and 55% said their security budget had increased, with 40% confirming implementation of new and/or updated cybersecurity controls and processes.

The real concern from the survey showed that 71% of organizations in APAC paid ransom fees between US$ 100k to US$ 1 million and 13% paid between US$ 1 million and US$ 5 million. Moreover, 52% of APAC organizations reported a downtime event would cost them up to half a million per hour in lost revenue, with 36% reporting costs would be even higher per hour. Globally, 9% of organizations said costs would exceed US$ 5 million per hour. Only 5% of APAC companies would face such high costs.

The survey also explored the legal requirement to report ransomware payments with only 45% in APAC supporting a legal requirement to report ransomware payments, so long as this came with a requirement to also report payments to regulators or other authorities. On the contrary, 23% in APAC supported ransomware payments being legally required, but with no obligation to report payment.

Now, if these organizations had taken their cybersecurity protection more seriously and focused on updating their patches, securing critical infrastructure, and constantly reminding their employees on being safe online, the numbers might be different. Not only will they have to spend millions paying for ransomware attacks, but they will also be able to use those funds for more important expenditures.

 



READ MORE