Singapore Records Highest Increase in Ransomware Attacks in 2023, According to Sophos

Sophos on Wednesday released its annual “State of Ransomware 2023” report, which found that the rate of ransomware attacks on Singaporean organisations increased considerably in 2022 with 84 per cent of organisations surveyed saying they were a victim of ransom, which compares to 65 per cent the year before. This increase meant that Singapore reported the highest rate of ransomware attacks of all countries surveyed this year.

In 61 per cent of attacks on surveyed organisations, adversaries succeeded in encrypting data with 53% of those who had data encrypted paying the ransom to get their data back. This is up from 48 per cent last year and higher than the global average of 47 per cent.

On a global scale, the survey also shows that when organisations paid a ransom to get their data decrypted, they ended up additionally doubling their recovery costs (US$750,000 in recovery costs versus US$375,000 for organisation that used backups to get data back). Moreover, paying the ransom usually meant longer recovery times, with 45 per cent of those organisations that used backups recovering within a week, compared to 39 per cent of those that paid the ransom.

When analyzing the root cause of ransomware attacks, the most common was an exploited vulnerability (involved in 43 per cent of cases), followed by compromised credentials (involved in 26 per cent of cases). This is in line with recent, in-the-field incident response findings from Sophos’ 2023 Active Adversary Report for Business Leaders.

Data for the State of Ransomware 2023 report comes from a vendor-agnostic survey of 3,000 cybersecurity/IT leaders conducted between January and March 2023. Respondents were based in 14 countries across the Americas, EMEA and Asia Pacific and Japan. Organisations surveyed had between 100 and 5,000 employees, and revenue ranged from less than US$10 million to more than US$5 billion.


Chester Wisniewski, field CTO, Sophos

Rates of encryption are very high, which is certainly concerning. Ransomware crews have been refining their methodologies of attack and accelerating their attacks to reduce the time for defenders to…