4 in 5 organisations in APAC affected by ransomware and over half paid the ransom
Singapore – 8 February 2022 – Claroty, today released research into the ‘Global State of Industrial Cybersecurity 2021: Resilience Amid Disruption’, which revealed the colossal impact of ransomware on organisations during 2021, with 80% of organisations in APAC affected by ransomware attacks and just over half (51%) paying the ransom. An independent survey of 1,100 full-time IT and OT security professionals was carried out in the United States, Europe, and Asia Pacific, to determine how organisations dealt with ransomware challenges in 2021 and their levels of resiliency and priorities moving forward.
The survey found that 90% of APAC respondents (90% globally) had accelerated digital transformation since the start of the pandemic, with 48% (52% globally) reporting the acceleration as significant.
Claroty CEO Yaniv Vardi said: “Our research shows that critical infrastructure security is at a pivotal juncture, where threats are proliferating and evolving, but there’s also a growing collective interest and desire in protecting our most essential systems. Security leaders looking to take their programs to the next level must account for all cyber-physical systems in their risk governance practices, segmenting their IT and OT networks and assets, extending their general IT cybersecurity practices to their OT devices, and consistently monitoring for threats across all networks.”
71% of organisations in APAC paid ransom fees of $US100k – $US1.0m, and 13% paid $US1.0m – $US5.0m. Moreover, 52% of APAC organisations reported a downtime event would cost them up to $US0.5m per hour in lost revenue, with 36% reporting costs would be even higher per hour at $US0.5m – $US5m. Globally, 9% of organisations said costs would exceed $US5.0m per hour. Only 5% of APAC companies would face such high costs.
The survey also explored the legal requirement to report ransomware payments with only 45% in APAC supporting a legal requirement to report ransomware payments, so long as this came with a requirement to also report payments to regulators or other authorities. On the contrary, 23% in APAC supported ransomware payments being legally required, but with no obligation to report payment.
However, the report notes: “As long as the financial model continues to favour paying the ransom, these threats will continue. The only way to mitigate the risk is to understand how to make hyperconnectivity more secure. Gaps in processes and technology, some that have existed for years, must be addressed.”
The survey revealed an almost universally increased investment in cybersecurity, and a strengthening of cybersecurity measures over the past two years driven by the pandemic and by high-profile, and highly damaging, ransomware attacks in 2021: on Colonial Pipeline and global meat processor JBS, as well as the SolarWinds supply chain attack.
A ransomware attack was also a wake-up call for many victims. More than half of the respondents (52%) in APAC said cybersecurity had become a higher priority after an attack, and 55% said their security budget had increased, with 40% confirming implementation of new and/or updated cybersecurity controls and processes as a result.
These findings show that organisations have internalised the lessons learned from high-profile cyberattacks and are prioritising cybersecurity by increasing investments and implementing new or updated processes and controls. More than half of the respondents (90%) say their organisation’s C-suite and board are very involved in cybersecurity decision-making and oversight, which bodes well for ongoing investment and prioritisation.
For an in-depth analysis into the findings, along with full survey data, “The Global State of Industrial Cybersecurity 2021: Resilience Amid Disruption” report is available here.