One recent survey showed that this group of organizations in the region had suffered knee-jerk reactions when encountering ransomware attacks

In an April 2022 survey of 900 respondents across the world to gauge ransomware opinions from non-IT senior management personnel or partners at firms with 50 to 1,000 employees, some regional trends were discerned from the 100 South-east Asia (SEA) respondents.

Of the 100 SEA respondents, 34 had indicated having had their firm’s data maliciously encrypted by ransomware attacks several times. Another 33% indicated their firm had experienced such an incident once. Also, 5% of the SEA respondents indicated their firm engaged a third-party incident response team.

Among those that had suffered ransomware incidents, the following SEA trends were observed:

    • 82.1% had paid the ransom, with 47.8% of this group indicating they had paid the ransom as soon as possible—compared to the global average of 38.1%

    • 23.9% of the SEA respondents affected by ransomware did try to get their data back through back-ups or decryption but had failed, thereby paying the ransom within two days, while 10.4% took up to a week of trying before paying up.

    • 77% of the SEA respondents indicated that they would still pay the ransom in future ransomware attacks.

    • 94% of SEA firms in the survey indicated they would seek external help if attacked by ransomware, compared to the global average of 89.9%. Out of this SEA group, 20% indicated that they would contact law enforcement; 29% indicated they would reach out to a third party cybersecurity incident investigation and response service; and the remainder indicated they would contact both help resources.

According to Yeo Siang Tiong, General Manager (South-east Asia), Kaspersky, which commissioned the survey: “It is concerning to see that only 17.9% of SEA respondents victimized by ransomware did not budge on the cybercriminals’ demands. We stand firm that paying the ransom should not be a kneejerk reaction for enterprises.”

Yeo advocated for cross-border and public-private partnerships that can help governments and organizations to combat threats such as ransomware, also suggesting: “Enterprises here should upskill or even to build their own security defense team with intelligence-led incident detection and response capabilities.”