Human vigilance vital in tackling enterprise vulnerability

Sophos Senior Vice President Asia Pacific Japan Gavin Struthers discusses regional ransomware trends and the need for heightened global vigilance.

Futuristic design of human eye for cyber security, system diagnostic

The cyber threat environment is getting increasingly dire. Recent global research commissioned by cyber security company Sophos, The State of Ransomware 2022 found that 72% of respondent organisations had experienced an increase in volume, complexity, or impact of cyberattacks in the previous year.

Specific to ransomware, 66% of companies surveyed said they were hit, a steep rise from the 37% of the previous year. The reasons for this could be digitisation and work-from-home, boosted by the pandemic. The report also cites the growing popularity of ransomware-as-a-service as a cause for this worrying increase. Approximately two thirds (65%) of the companies attacked by ransomware saw their data getting encrypted, the last phase of the attack.

In the Asia-Pacific-Japan region, 72% of the organisations surveyed were hit by ransomware, with 72% of these attacks resulting in data encryption. Nine in ten companies said a ransomware attack impacted their ability to operate. At 78% India topped the list for paying the ransom to get data back, compared to under one in two companies worldwide. 

Analysing the region

Senior Vice President Asia Pacific Japan at Sophos, Gavin Struthers, says a reason India has the highest percentage of companies paying the ransom, could be the lack of good data backup regimes, which puts them in a place of vulnerability. The second cause is that as ransomware attacks become more common, many organisations have better defences in place and have stopped paying the ransom. This is driving the criminals to resort to extortion, such as threatening to leak the organisation’s data onto the dark web. Indian companies could be paying up quicker, due to fear of such an outcome that could compromise their brand and their customers’ privacy, according to Struthers.

To continue reading this article register now