APAC firms that pay off ransomware attackers make the region a favorite

The Asia-Pacific (APAC) region faced the majority of global ransomware attacks in 2022 and is among the top victimised regions by ransomware groups Conti and LockBit, according to the This is according to findings at Trend Micro.

Although only 10% of ransomware victims pay their extorters, they are enabling attacks on numerous other organisations by doing so. This is something that organisations in Asia should pay attention to, given majority of the ransomware threats in 2022 were concentrated in the region (38.06%). 

Furthermore, Asia Pacific’s ransomware payment rate stands higher than average, with organisations in the region being a prime target of ransomware groups Conti and LockBit.

Paying off a ransom might seem like a quick way to mitigate risk in the short-term, but in the long run, victimised organisations will only be fuelling the ransomware industry leading to more damage,” said Nilesh Jain, VP of Southeast Asia and India at Trend Micro.

Key findings from Trend Micro’s ransomware report show that ransom payment rate in APAC stood a little higher than average at 18.9%. 

Africa had the highest ransom payment rate (34.8%) while Europe had the lowest (11.1%).

North America, Europe and APAC were among the top three regions where organisations victimised by ransomware groups Conti and LockBit were located. IT was among the top three target industries for both ransomware groups.

Within APAC, a closer analysis revealed that Conti had many victimised organisations in predominantly English-speaking countries such as Australia (38.9%), India (16.7%), New Zealand (8.3%), and Singapore (2.8%).

Paying a ransom often resulted in driving up the overall cost of the incident with few other benefits. The 10% of victims that agree to pay usually do so quickly and are generally being forced to pay more per compromise. 

However, ransomware is just one of many security issues that continues to plague the region, as threat actors went “all in” to boost profits in 2022.

Trend Micro blocked over 14 billion threats in Asia in 2022, inclusive of email threats, business email compromise, URL-related threats. Of this, over 1 billion threats were blocked in Singapore alone.

Additionally, Trend Micro detected over 2 billion other threats in Asia, inclusive of botnet-related threats and malware. Nearly 90 million of these threats were detected in Singapore alone.

Asia was top ranked in terms of mobile security issues.

Trend Micro recommends that organisations adopt a platform-based approach to managing the cyber-attack surface, mitigate security skills shortages and coverage gaps, and minimise the costs associated with point solutions. 

This should cover the following — asset management, cloud security, proper security protocols, and attack surface visibility.