- More than one-third (35%) of Singapore-based small and medium sized enterprises (SMEs) have experienced a ransomware attack in the last year
- One in 10 (9%) SMEs were confident that they would be able to stop ransomware attacks
- Three quarters (73%) place a high or very high priority on addressing the ransomware problem
- Six in 10 (62%) of Singapore-based respondents believe that ransomware demands should never be paid
Malwarebytes, the advanced malware prevention and remediation solution, has released its second Annual State of Ransomware Report*. The study, conducted by Osterman Research, explores ransomware attack frequency, impacts of attacks in SME environments, costs of attacks, attitudes towards ransom payments, preparedness and more.
 |
| Hurmuses, centre and WahYu Goh, Malwarebytes Engineer, on the left during the discussion of the Malwarebyte Annual State of Ransomware Report. |
Ransomware is a relatively common problem for SMEs in Singapore, with the research revealing that more than one-third (35%) of Singapore-based SMEs have experienced a ransomware attack in the last year. The majority of cybercriminals (53%) who strike SMEs in Singapore with ransomware ask for payments of less than US$1,000, with only 7% asking for sums more than US$10,000.
"You could pay and never get your files back," Jeff Hurmuses, MD and Area VP, APAC, Malwarebytes observed. "But believe it or not these criminals are quite smart. They realise that if they don't release the files others will not pay the money in future."
Ransomware players could however release part of the files in return for the initial ransom, demanding more money to release more files, he pointed out, further warning that many of the links that result from Google searches for ransomware removal could themselves be laden with malware.
The impact of ransomware is often measured in terms of the value of the ransoms, but the report finds that downtime caused by ransomware can have a more significant impact on the business. Malwarebytes says that most of the pain incurred from being a ransomware victim can be tied to either the loss of files, with 33% of SMEs who refused to pay the ransom losing access to files as a result, or the downtime that it causes. More than 61% of companies in Singapore hit by ransomware experienced downtime of more than nine hours from a single incident of ransomware; the equivalent of a full working day.
It is clear that SMEs in Singapore view ransomware as a major problem, with ransomware ranking as the top security problem for SMEs along with malware infiltration thorugh email; 72% of respondents indicated they are critical problems. This was followed by email phishing (70%) and malware infiltration via web browsing (64%). The bottom three concerns were: insider theft of data (55%), phishing through social media (39%) and the physical theft of laptops and mobile devices (23%).
Despite being a top concern for SMEs in Singapore, only one out of 10 (9%) were confident that they would be able to stop ransomware attacks. Even SMEs who have been hit by ransomware before are finding it difficult to pinpoint how they were infected, with a third of respondents (30%) indicating they did not know how they were infected. Not knowing how a ransomware infection started can make removal of malware more difficult, and also makes it hard to determine what the company’s cybersecurity gaps are, Malwarebytes said.
Finally, the majority of SMEs think addressing ransomware is a high priority but not enthusiastic about investing to do so. One in 10 (11%) believe it can be solved through technology alone, and one in five do not conduct security training, leaving themselves open to malware delivered through social engineering methods.
Singapore is a financial hub.. SG and HK are the countries most likely to get hit, on the one hand more protected than other markets on the other hand cyber criminals see it as they may want to pay)
“Businesses of all sizes are increasingly at risk for ransomware attacks,” said Hurmuses. “However, the stakes of a single attack for a small business are far different from the stakes of a single attack for a large enterprise. Osterman’s findings demonstrate that SMBs are suffering in the wake of attacks, to the point where they must cease business operations. To make matters worse, most of them lack the confidence in their ability to stop an attack, despite significant investments in defensive technologies. To be effective, the security community must thoroughly understand the battles that these companies are facing, so we can better protect them.”
Key findings for Singapore include:
- The impact of ransomware on SMEs can be devastating. For roughly one in six impacted organisations, a ransomware infection caused 25 or more hours of downtime, with some organisations reporting that it caused systems to be down for more than 100 hours. Further, among SMEs that experienced a ransomware attack, 21% reported that they had to cease business operations immediately, and 11% lost revenue.
- Most organisations make addressing ransomware a high priority, but still lack confidence in their ability to deal with it. Of the Singapore SMEs surveyed, 73% place a high or very high priority on addressing the ransomware problem. Despite these investments, nearly one-half of the organisations surveyed expressed little to only moderate confidence in their ability to stop a ransomware attack
- For many, the source of ransomware is unknown and infections spread quickly. For 30% of organisations in Singapore that suffered a ransomware infection, decision makers could not identify how the endpoint(s) became infected. Notably, more than 20% of ransomware infections spread to other devices.
- Most SMEs do not believe in paying ransomware demands. Six in 10 (62%) Singapore based respondents believe that ransomware demands should never be paid. Most of the remaining organisations believe that demands should only be paid if the encrypted data is of value to the organisation. Among organisations that chose not to pay cybercriminals’ ransom demands, about one-third (33%) lost files as a result.
- Current investments in technology might not be enough. About one-quarter of SMEs in Singapore claim to have been running anti-ransomware technologies. Despite this, 35% of businesses in the country have experienced a ransomware attack.
“It’s clear from these findings that there is widespread awareness of the threat of ransomware among businesses, but many are not yet confident in their ability to deal with it,” said Hurmuses. “Companies of all sizes need to remain vigilant and continue to place a higher priority on protecting themselves against ransomware.”
Malwarebytes offers different layers of protection to guard against ransomware taking hold. "The multiple layered approach is approach that we believe is the safest. It reduces the chances of (malware) penetrating," said Hurmuses. "If you have several layers of protection that's the best way to go."
Asia Pacific has been the fastest growing region for the company. In Asia Pacific, Hurmuses shared that Malwarebytes has 16 staff in the region, six of them in the Australia-New Zealand area, and the rest in Singapore and Malaysia. Eighteen new distributors for the region have been signed up in the one year since the company launched in Asia Pacific, and the company has enjoyed 8,000 leads to date.
"We are up 92% quarter on quarter," he said.
Malwarebytes currently protects some 27 million users, and sees 500,000 downloads daily of its free remediation software. "We've stopped 300 million malware that our competitors basically can't find," said Hurmuses.
The company's advantages are big data telemetry that help determine trends, as well as signature based and anomaly based layers of protection. "We have seven different layers to protect you. We think it makes it more difficult for the bad guys," he said.
Interested?
View the full global Second Annual State of Ransomware report (PDF)
*The study surveyed 1,054 small and medium enterprises (SMEs) across Singapore, France, UK, Germany, Australia, and North America.
No comments:
Post a Comment