SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
APAC organisations forking out millions due to ransomware
Fri, 4th Feb 2022
FYI, this story is more than a year old

Ransomware has had a widespread impact on organisations in the Asia Pacific region in numerous ways, including both financially and legally.

This is according to Claroty's report titled ‘Global State of Industrial Cybersecurity 2021: Resilience Amid Disruption', which revealed the impact of ransomware on organisations during 2021.

An independent survey of 1,100 full-time IT and OT security professionals was carried out in the United States, Europe and Asia Pacific, to determine how organisations dealt with ransomware challenges in 2021 and their levels of resiliency and priorities moving forward.

The report found that 80% of organisations in APAC were affected by ransomware attacks and just over half (51%) paid the ransom.

Overall, 71% of organisations in APAC paid ransom fees of US$100K-1M, and 13% paid US$1-5M. Moreover, 52% of APAC organisations reported a downtime event would cost them up to US$0.5M per hour in lost revenue, with 36% reporting costs would be even higher per hour at US$0.5-5M.

Globally, 9% of organisations said costs would exceed US$5M per hour. Only 5% of APAC companies would face such high costs.

The survey also explored the legal requirement to report ransomware payments, with only 45% in APAC supporting a legal requirement to report ransomware payments, so long as this came with a requirement to also report payments to regulators or other authorities.

On the contrary, 23% in APAC supported ransomware payments being legally required, but with no obligation to report payment.

However, the report notes: “As long as the financial model continues to favour paying the ransom, these threats will continue. The only way to mitigate the risk is to understand how to make hyperconnectivity more secure. Gaps in processes and technology, some that have existed for years, must be addressed.

On this front, the survey revealed an almost universally increased investment in cybersecurity, and a strengthening of cybersecurity measures over the past two years driven by the pandemic and by high-profile, and highly damaging, ransomware attacks in 2021: on Colonial Pipeline and global meat processor JBS, as well as the SolarWinds supply chain attack.

A ransomware attack was also a wake-up call for many victims. More than half of the respondents (52%) in APAC said cybersecurity had become a higher priority after an attack, and 55% said their security budget had increased, with 40% confirming implementation of new and/or updated cybersecurity controls and processes as a result.

These findings show that organisations have internalised the lessons learned from high-profile cyber attacks and are prioritising cybersecurity by increasing investments and implementing new or updated processes and controls, the researchers state.

More than half of the respondents (90%) say their organisation's C-suite and board are very involved in cybersecurity decision-making and oversight, which bodes well for ongoing investment and prioritisation.

Finally, the survey also found that 90% of APAC respondents (90% globally) had accelerated digital transformation since the start of the pandemic, with 48% (52% globally) reporting the acceleration as significant.

Claroty CEO Yaniv Vardi says, “Our research shows that critical infrastructure security is at a pivotal juncture, where threats are proliferating and evolving, but there's also a growing collective interest and desire in protecting our most essential systems.

"Security leaders looking to take their programs to the next level must account for all cyber-physical systems in their risk governance practises, segmenting their IT and OT networks and assets, extending their general IT cybersecurity practises to their OT devices, and consistently monitoring for threats across all networks."