Downtime for firms hit by ransomware worse than money demands: report
A third of companies surveyed here that were hit by ransomware over the last year do not know how they were infected, according to a new report that looked at the rising instances of such cyber attacks.
The Second Annual State of Ransomware Report, released by security software firm Malwarebytes yesterday, also highlighted that the ransom demands were not as damaging as the potential downtime to businesses infected with malware.
The report, conducted by Osterman Research, surveyed 1,054 small and medium-sized enterprises (SMEs) in Singapore, France, Britain, Germany, Australia and North America.
A total of 175 SMEs here across 14 industries, from manufacturing to transport to retail, took part in the survey.
This is the first time Singapore is included in the report, which first launched last year.
A third of them experienced a ransomware attack over the last year, with some being hit multiple times.
"The attack is one thing, but the downtime is really critical," said Mr Jeff Hurmuses, Malwarebytes' managing director and area vice-president for Asia Pacific.
Almost 80 per cent of SMEs surveyed experienced downtime of between an hour and a full day of business operations, with 15 per cent suffering downtime of more than 24 hours.
Furthermore, one-fifth of victims had to stop business operations immediately, leading to revenue losses from downtime.
OVER 9 HOURS
"The majority of attacks took more than nine hours to clear. If an SME takes nine hours to get the business back up, that's basically grounding the whole operation to a halt," said Mr Hurmuses.
The downtime could prove more damaging than ransom demands, he added.
Only 7 per cent of ransom demands here were above $10,000, with about 60 per cent asking for sums up to $5,000.
Those hit by ransomware here were also less willing to pay hackers, compared to respondents in other countries.
A quarter of businesses surveyed in Singapore opted to pay the hackers' ransom to unlock their files, compared to 43 per cent in Britain and 46 per cent in Australia.
Of those who did not pay the hackers, 33 per cent of them lost their files and information as they could not be decrypted.
The report comes months after two major ransomware attacks - WannaCry in May and NotPetya in June - made waves globally this year.
Ransomware attacks are also largely going unreported.
According to the Cyber Security Agency of Singapore, 20 ransomware cases have been reported to SingCERT as of July this year, with ransom demands of between $2,000 and $4,000.