Published: 05:46 AM, 27 May 2023
Rate of ransomware attacks decline slightly across Asia Pacific
Sophos, a global leader in innovating and delivering cybersecurity as a service, has released its annual "State of Ransomware 2023" report, which found that the rate of ransomware attacks declined slightly in Asia Pacific and Japan (APJ) in 2022 with 68 per cent of organisations surveyed saying they were a victim to ransomware compared to 72 per cent the year before.
In 71 percent of ransomware attacks against surveyed organisations, adversaries succeeded in encrypting data with 49 per cent of those that had data encrypted paying the ransom, down slightly from last year's rate of 55 per cent and higher than the 2023 global average of 47 percent.
On a global scale, the survey shows that when organisations paid a ransom to get their data decrypted, they ended up additionally doubling their recovery costs (US$750,000 in recovery costs versus US$375,000 for organisations that used backups to get data back). Moreover, paying the ransom usually meant longer recovery times, with 45% of those organisations that used backups recovering within a week, compared to 39% of those that paid the ransom.
When analysing the root cause of ransomware attacks on APJ organisations, the most common was an exploited vulnerability (involved in 37% of cases), followed by compromised credentials (involved in 28% of cases). This is in line with recent, in-the-field incident response findings from Sophos' 2023 Active Adversary Report for Business Leaders.
Additional key global findings from the report include:
1. In 30% of cases where data was encrypted, data was also stolen, suggesting this "double dip" method (data encryption and data exfiltration) is becoming commonplace2. The education sector reported the highest level of ransomware attacks, with 79% of higher education organisations surveyed and 80% of lower education organisations surveyed reporting that they were victims of ransomware 3. Overall, 46% of organisations surveyed that had their data encrypted paid the ransom. However, larger organisations were far more likely to pay.
1. In 30% of cases where data was encrypted, data was also stolen, suggesting this "double dip" method (data encryption and data exfiltration) is becoming commonplace2. The education sector reported the highest level of ransomware attacks, with 79% of higher education organisations surveyed and 80% of lower education organisations surveyed reporting that they were victims of ransomware 3. Overall, 46% of organisations surveyed that had their data encrypted paid the ransom. However, larger organisations were far more likely to pay.
