 |
| Source: Semperis. Six in 10 Singapore organisations have been targeted by ransomware in the past 12 months. |
The Semperis 2025 Global Ransomware Risk Report* has found that organisations across Asia-Pacific (APAC) are the most frequently targeted by cybercriminals. Six in 10 (61%) report at least one successful attack, just behind Germany, where the figure stands at 66%.
Recent developments in Singapore have emphasised the danger. The country raised its National Cyber Threat Alert Level in direct response to a UNC3886 cyber campaign, signalling heightened vigilance and preparedness to defend against cyberattacks, the AI-powered identity security and cyber resilience provider said.
Key findings for the region include:
- Singapore faced the highest extortion risks in the world. Two thirds of organisations experienced hackers threatening to file regulatory complaints against them if they did not report incidents, compared to 47% across US, UK, France, Germany, Spain, Italy, Canada, Australia, and New Zealand.
- Ransomware demands were the most successful - 85% of affected organisations in APAC paid ransom to restore systems or protect data, compared to the UK (68%), North America (66%), and Europe (50%). Half of the affected companies in Singapore also paid ransoms multiple times, which Semperis said points to a persistent cycle of attacks and extortion that needs to be addressed.
- Identity-related breaches dominate - 93% of APAC organizations experienced some form of identity-infrastructure compromise, far more than any other breaches
“Paying ransoms should never be the default option. While some circumstances might leave the company in a non-choice situation, we should acknowledge that it’s a downpayment on the next attack. Every dollar handed to ransomware gangs fuels their criminal economy, incentivising them to strike again. The only real way to break the ransomware scourge is to invest in resilience, creating an option to not pay ransom,” said Mickey Bresman, CEO of Semperis.
When examining the tactics used by ransomware attackers, the most common threat leveraged was the release of private or proprietary data. Semperis said 82% of organisations cited this as a primary pressure point in giving in ransom demands.
“As data confidentiality becomes increasingly critical, especially for senior decision-makers in highly regulated sectors, this finding suggests that ransomware groups are tailoring their extortion methods to exploit both operational vulnerabilities and executive-level anxieties. For Singaporean organisations, this underscores the need for robust data governance and clear crisis communication protocols,” said Gerry Sillars, VP, Asia Pacific and Japan, Semperis.
The fallout from ransomware attacks is not limited to operational downtime – it often reaches the boardroom. Among respondents in Singapore, 67% reported C-level resignations or dismissals following an attack. This reflects the intense pressure on executive leadership to maintain cybersecurity readiness and respond effectively to breaches. For organisations in Singapore, where accountability at the top is closely scrutinised, these findings signal that ransomware incidents can have severe reputational and leadership consequences if not managed with strong governance and preparedness, Semperis observed.
“There is an urgent need for organisations to strengthen their overall cybersecurity posture, particularly around identity protection. “Ransomware resilience around identity infrastructure is key. As cyberattacks grow more targeted and relentless, Singapore enterprises must urgently prioritise identity-first security strategies, proactive recovery planning, and executive-level accountability to withstand the next wave of threats,” added Sillars.
“Organisations must also rigorously assess the security of partners and supply chain vendors, as they often represent the weakest link in the cybersecurity chain. When third parties have access to sensitive systems and data, the risk of compromise significantly increases. Additionally, organisations should stay ahead of evolving ransomware tactics by conducting regular tabletop exercises to strengthen their response capabilities.”
Semperis protects critical enterprise identity services for security teams charged with defending hybrid and multicloud environments. Purpose-built for securing hybrid identity environments—including Active Directory, Entra ID, and Okta—Semperis’ AI-powered technology protects over 100 million identities from cyberattacks, data breaches, and operational errors.
Explore
Read the 2025 Ransomware Risk Report: Essential Guidance for Building Operational Resilience Against Cyberattacks at https://www.semperis.com/ransomware-risk-report/
*In 1H25, global organisations across North America, the UK, Europe, and the Asia Pacific region participated in a detailed survey on their experience with ransomware. To conduct this study, Semperis partnered with experts at Censuswide, an international market research consultancy. Censuswide surveyed 1,500 IT and security professionals across multiple industries, including education, finance, healthcare, government, energy, manufacturing and utilities, IT and telecommunications, and travel and transportation.
No comments:
Post a Comment