Ransomware has been one of the most prominent types of cyberattacks in recent years. Just this year alone, we’ve seen huge organizations such as Japan’s Toshiba, France’s AXA, the US’ Colonial Pipeline, and the Irish health service fall prey to it, with hackers asking millions of dollars to either unlock databases or stop them from publicly releasing the information.
Organizations in the Philippines have experienced these attacks as well, according to UK-based cybersecurity firm Sophos. In its “The State of Ransomware 2021” report, it found that Philippine organizations have spent an average of $820,000 (approximately P40 million) to recover from these attacks – costs which cover the ransom paid, and the costs incurred by the downtime. The cost is lower than the global average of $1.85 million.
As for ransom paid, the global average is $170,404, with $3.2 million being the highest recorded in the survey.
About 42% of the firms surveyed in the Philippines reported that they were hit by ransomware in 2020, which is an increase from 30% in 2019. Of these, 76% suffered data encryption, which means the hackers locked their databases until their demands were fulfilled. The number is said to be higher than the global average of 54%.
Thirty countries were surveyed for the report.
Sophos noted that Philippine organizations are “less able to stop attackers from encrypting data than the global average.” However, the country fares better in restoring data from backups, with 88% saying that they were able to do so, compared with the global average of 57%.
Philippine organizations also have a much smaller propensity to pay the ransom (4%) than the global average (32%).
Sophos also reported that the country may be “the most prepared to recover from such incidents” with 83% of the respondents saying that business continuity plans include measures against cyberattacks, the highest among the countries surveyed.