64% of companies attacked by ransomware in 2023: survey

Half of the cyberattacks led to data being encrypted.

The latest survey from Sophos revealed that 64% of organisations in Singapore said they were hit by ransomware in the past year, a significant drop from previously 84%.

According to “The State of Ransomware in Singapore 2024,” which surveyed 165 respondents, the most common cause of the attack was exploited vulnerabilities, followed by compromised credentials.

Sophos said 50% of the attacks led to data being encrypted, and data was stolen in 25% of the attacks where information was encrypted.

Majority, or 98% of the ransomware attacks, also tried to compromise the companies’ backups. Sophos noted 45% of these were successful.

Meanwhile, 94% of organisations whose data was encrypted got their data back.

“For the first time in our five-year study, Singaporeans organisations are more likely to recover data by paying the ransom (63%) than using backups (58%),” Sophos noted. 

The mean ransom demand was $1.76m (US$1.31m), whilst the average ransom payment was $2.13m ( $1.58m).

Sophos said 98% of the companies reported the attack to authorities.

ALSO READ: Business leaders, security officers need to bridge cybersecurity communication gap

“Ransomware remains a major threat to Singaporean organisations of all sizes around the globe,” Sophos said. “As adversaries continue to iterate and evolve their attacks, it’s essential that defenders and their cyber defences keep pace.”

US$1= S$1.34