Research Reveals Majority Of Companies In Southeast Asia Are Victims Of Ransomware, Expert: Don't Pay The Ransom!
JAKARTA - According to Kaspersky's latest research, Southeast Asian (SEA) companies are on the radar of ransomware cybercriminals with 67% confirming that they have been victims of the attack.
Global cybersecurity firm Kaspersky surveyed 900 respondents across North America, South America, Africa, Russia, Europe, and Asia-Pacific, 100 of whom were from Southeast Asia.
Conducted in April 2022, a study entitled “How business executives perceive ransomware threat” collected answers from those in non-IT senior management (such as CEO, VP, and Director levels) and business owners or partners in companies with 50-1000 employees.
Half of those (34%) who have admitted their data was destructively encrypted by cybercriminals have experienced ransomware attacks not once but several times. Another 33% said they had experienced such an incident only once.
SEE ALSO:
The most common occurrence among ransomware victims in the region is that 82% of companies pay the ransom.
In fact, 47.8% of executives surveyed admitted that they paid the ransom as soon as possible to regain access to business data.
Another quarter (23.9%) tried to get their data back via backup or decryption but failed and ended up paying the ransom within two days, while 10.4% took a week before paying.
When ransomware victims were asked about the steps they would take if they faced a similar incident, a majority (77%) of business leaders in Southeast Asia confirmed that they would still pay the ransom.
This represents a worrying tendency for companies that have fallen victim to ransomware to pay, as it could encourage these cybercriminals to continue their attacks.
“It is very concerning to see that only 17.9% of businesses in Southeast Asia are victims of ransomware who do not comply with the demands of cybercriminals", said Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky from a statement received in Jakarta.
According to Yeo, he understands the urgency and desperation to get their data back as soon as possible, at all costs. However, paying the ransom should not be a spontaneous reaction for the company.