The Philippines, like many other countries, has faced its share of cyberattacks over the years. These attacks have targeted government agencies, businesses, and individuals. It impacts various sectors of the country’s digital scenery. Perhaps one of the most notable incidents is the 2016 COMELEC Data Breach, exposing the government’s cybersecurity vulnerabilities. The government responded with improvements in cybersecurity but the determination of cyber criminals remains unchanged. Let’s look at the numbers in recent years to gain a better understanding of cyberattacks in the Philippines, particularly ones involving ransomware.
A report from the cybersecurity firm Sophos shows that ransomware attacks in the Philippines have greatly increased in recent years. The report, which surveyed 150 mid-sized organizations in the Philippines, found that 69% of respondents had experienced a ransomware attack in 2021. This is up from 42% in 2020 and 30% in 2019.
The average ransom payment made by Philippine organizations hit by ransomware in 2021 was $1.6 million, which is double the global average of $812,000. As a result, the Philippines is third-highest in terms of average payments made, following the Netherlands and Japan.
The report also found that the average cost of a ransomware attack in the Philippines is $1.34 million. This includes the cost of downtime, lost productivity, and data recovery.
Sophos credits the increase in ransomware attacks in the Philippines to a number of factors, including the growing popularity of ransomware-as-a-service (RaaS) and the increasing sophistication of ransomware attacks. RaaS is a business model that allows cybercriminals to rent out ransomware to other cybercriminals. As a result, criminals can launch ransomware attacks with more ease, as they do not need to be technical experts to develop their own ransomware.
Moreover, the report found that organizations in the Philippines are not as well-prepared to deal with ransomware attacks as organizations in other countries. For example, only 60% of Philippine organizations have a thorough backup and recovery plan in place.
Advised Improvements From Sophos
Sophos advises organizations in the Philippines to take steps to improve their cybersecurity systems, including:
- Apply a thorough backup and recovery plan
- Keeping all software up to date
- Educating employees about cybersecurity risks
- Using a security solution that can detect and prevent ransomware attacks
The report concludes by stating that ransomware attacks are a growing threat to organizations in the Philippines. Therefore, organizations need to take steps to improve their cybersecurity systems in order to protect themselves from these attacks.
Cybersecurity company Palo Alto Networks reported that ransomware attacks in the Philippines rose by 57.4% in 2022. Eleven ransomware attacks were reported in the country last year, most of which targeted the manufacturing, professional, and legal services sectors, and state and local governments.
In fact, the Philippines is the fourth most attacked by ransomware groups in Southeast Asia, with incidents here making up 12% of total ransomware cases in the region. Thailand had the most reported ransomware attacks with 28 cases, followed by Singapore (18) and Indonesia (14). Malaysia and Vietnam had 11 and 9 incidents, respectively.
Ransomware attacks in the Asia Pacific region in 2022 reached 302, higher by 35.4% than the previous year. Palo Alto Networks said that ransomware groups have been stacking extortion techniques to apply more pressure on organizations to pay the ransom. These tactics include encryption, data theft, distributed denial of service (DDoS), and harassment. However, the most common extortion tactic is data theft.
Globally, ransomware demands continued to be a pain point for organizations in 2022. Additionally, Palo Alto Networks pointed out that ransom payments as high as USD7 million (PHP 383 million) have happened in some cases. The global median ransom demanded by attackers was USD650,000 (PHP35.5 million), while the median ransom payment was USD 350,000 (PHP18.9 million). This suggests that effective negotiation can drive down actual payments.
Organizations in the Philippines should take steps to protect themselves from ransomware attacks.
This includes having strong cybersecurity measures in place, such as up-to-date antivirus software and firewalls. Organizations should also train employees on how to identify and avoid phishing emails, which are usually used to deliver ransomware.
If an organization is the victim of a ransomware attack, it is important to not pay the ransom.
Paying the ransom does not guarantee that the organization will get its data back, and it only encourages ransomware groups to continue their attacks. Instead, organizations should contact law enforcement and cybersecurity companies in the Philippines to help them investigate the attack and recover their data.
Ransomware attacks are a serious threat to organizations in the Philippines.
By taking steps to protect themselves, organizations can lower the risk of being attacked.
Here are some tips for protecting your organization from ransomware attacks:
- Apply strong cybersecurity measures, such as using a firewall, antivirus software, and data encryption.
- Back up your data regularly so that you can restore it if it is encrypted by ransomware.
- Train your employees on how to identify and avoid ransomware attacks.
- Have a plan in place for responding to a ransomware attack.
By following these tips, you can help to protect your organization from ransomware attacks.
About IPV Network
Since 2016, IPV Network has been a trusted partner of leading enterprises in the Philippines. It brings the best-of-breed cybersecurity solutions. IPV network helps businesses identify, protect, detect, respond, and recover from cyber threats. Email us at [email protected] or call (02) 8564 0626 to get your FREE cybersecurity posture assessment!