Ransomware attacks in Singapore businesses decline this year

The majority of businesses pay ransoms to restore data.

Singapore-based organisations experienced fewer ransomware attacks with 64% saying they were hit by a ransomware attack this year, down from 65% in 2023, according to a study by Sophos.

In the latest edition of its annual “The State of Ransomware” report, Sophos found ransomware attacks in the city-state remain higher than the global average of 59%.

The majority of Singapore businesses said they rather pay for ransoms to restore data than using backup – a method commonly used worldwide in restoring data.

Those who had their data encrypted received a mean ransom demand of US$1.3m compared to the global average of $4.3m, with 42% of demands in the city-state exceeding the US$1m mark. 

Firms that paid the ransom recorded mean payment of US$1.58m, compared to the average of US$3.96m globally.

The study found Singapore businesses pay about 77% of the initial ransom demand, lower than their counterparts abroad (94%).

Excluding ransom payments, companies had incurred an average bill of US$2.2m to recover losses from a ransomware attack, from downtime costs and device costs to lost opportunity. This was down from US$3.5m last year .

“Ransomware remains a major threat to Singaporean organizations of all sizes around the globe. While the overall attack rate has dropped over the last year, the impact of an attack on those that fall victim has increased,” Sophos said.

The study showed a third of the incidents were exploited vulnerabilities, while 21% of the attacks compromised the credentials of businesses.

Meanwhile, Singapore firms were also found to be getting back to their feet faster as 77% of the victims in this year's survey saying they were able to fully recover in less than a week, up from 43% in 2023, while only 14% recorded a one to six month recovery period.

Sophos polled 5,000 IT and cybersecurity leaders across 14 countries globally, including 165 respondents in Singapore.