Increasingly sophisticated and numerous cyberattacks are forcing most companies in Singapore as well as Malaysia to pay ransoms because they can’t recover their data and restore business processes, according to a report from Cohesity.
The research polled from 504 IT and security decision-makers, including 302 in Singapore and 202 in Malaysia, shows that companies firmly operate in a “when” not “if” reality of cyberattacks, with the majority of respondents’ organisations falling victim to a ransomware attack in the last six months.
Almost all say the threat of cyberattacks to their industry has or will increase in 2024 and most have paid a ransom in the past 12 months.
Further, 70% of respondents said their company had been the “victim of a ransomware attack” in 2024, with 65% of Singaporean respondents saying their organisation had been victims.
According to respondents, the cyber threat landscape is expected to get even worse in 2024, with 91% of Singapore-based respondents saying the threat of cyberattacks to their industry will increase or had increased this year, and 47% said it had or will increase by over 50%.
Respondents also revealed keeping their organisations’ cyber resilience and data security strategies up to speed with the current threat landscape is challenging, with 41% of respondents saying they do not have complete confidence in their company’s cyber resilience strategy and its ability to “address today’s escalating cyber challenges and threats.’”
In Singapore, 92% said their company had stress-tested their “data security, data management, and data recovery processes or solutions” in the past year, with 56% testing their processes or solutions in the last six months.
Only 5% of respondents in Singapore said they could recover data and restore business processes within 24 hours.
In Singapore, 26% said their company could recover data and restore business processes within one to three days. Also, 31% said this takes four to six days and 24% said it takes one to two weeks.
Among respondents in Singapore, 13% said they need over three weeks to recover data and restore business processes.
As a result, 80% of respondents in Singapore said their company would pay a ransom to recover data and restore business processes.
Further, 59% of Singaporean respondents said their company would be willing to pay over US$1 million to recover data and restore business processes, and 16% saying their company would be willing to pay over US$5 million.
Of the 64% of Singaporean respondents who had paid a ransom in the last year, 36% paid US$500,000 or more in ransom payments, while 47% have paid a ransom(s) between US$100,000 – US$499,999.
When asked what industries and/or sectors they think are most impacted by cyberattacks, respondents in Singapore said it was IT and Technology (57%), financial services (36%), telecommunications and media (36%), banking and wealth management (35%), government and public services (32%), hospitals and healthcare (28%), and utilities (27%).
The wide reach of AI extends to the cyber threat landscape, with 76% in Singapore saying their organisation had responded to what they believe to be AI-based cyberattacks or cyber threats in the past 12 months.
Despite being challenged by these attacks and threats that leverage AI, 90% in Singapore said they had the “necessary AI powered solutions to counter and respond to these attacks.”