Singapore businesses paying off ransomware demands

Would you pay a ransom to save a life? What if the livelihoods of employees are at stake?

According to a report in The Straits Times, law firm Shook Lin & Bok was hit by a ransomware attack in April and coughed up US$1.4M (S$1.89M).

Ransomware isn't new. But here are some facts that you might not know about modern ransomware.

  1. Raiding your backups

Data backups have come under sustained attack, with some ransomware designed specifically to find and corrupt data backups over weeks or months.

According to statistics from Veeam, ransomware has penetrated backup repositories in 75% of attacks.

  2. Victim turned accomplice

Ransomware is unique in that victims tend not to cooperate, and may even try to shield the perpetrators once they pay the ransom.

I'm not suggesting this is the case with Shook Lin & Bok; their case was reported to the police. But keeping mum happens often due to the reputational risk of going public.

  3. Multi-extortion

Think you can just pay and move on? Well, cybercriminals can (and do) extort up to 3 times for a stolen set of data.

Here's how:

  • Original extortion. Pay or your data is toast.
  • Double extortion. Pay or we'll publish it online.
  • Ransomware 3.0. Go after clients and threaten the privacy of their data.

  4. Personalised ransom

Cyber criminals are personalising their ransom demands based on the victims. For instance, a small business would probably be made to pay more than an individual.

There have even been reports of them accessing accounting books before demanding an amount they know the organisation can afford.

A systematic problem

According to data from Sophos, more than 50% of Singaporean firms pay up; they paid an average of US$1.5M, though that is lower than the global average of US$3.9M.

Why is ransomware so hard to eradicate? For one, ransomware is a route to big money and an entire criminal enterprise has sprung up around it.

Indeed, there are different groups specialising in various aspects of ransomware, and apprehending these cyber criminals is far more difficult than it looks. (I explain why here:

In a nutshell, ransomware isn't going away soon. And the time to defend against ransomware is now.