Nearly 60% of enterprises in the Asia-Pacific region have fallen victim to ransomware attacks in 2023, claims IDC.
Sakshi Grover, senior research manager at IDC Asia/Pacific, notes that the digital transformation across the region has made enterprises more vulnerable to sophisticated ransomware tactics. Attackers are now increasingly targeting critical infrastructure and operational technology, underscoring an urgent call for enhanced security measures.
The rise in ransomware payments has been driven by the exploitation of vulnerabilities in essential sectors, including healthcare and supply chains. Cybercriminals are leveraging advanced techniques, such as AI-driven tactics, to execute more targeted and relentless attacks.
The report highlights that businesses face a complex threat environment shaped by geopolitical tensions and advancements in automation. Tactics such as double extortion and ransomware-as-a-service (RaaS) are making it easier for even less skilled cybercriminals to carry out sophisticated attacks.
The interconnectedness of today's business ecosystems exacerbates the situation, with over a third of enterprises reporting impacts from third-party systems. This emphasises the critical need for improved vendor risk management and supply chain security.
To combat these threats, many organisations are turning to AI-driven security tools like identity analytics and user and entity behaviour analytics (UEBA), with 42% finding them effective in thwarting attacks. Compliance with cybersecurity frameworks, such as CIS Top 20 and NIST, is increasingly vital, not only for demonstrating resilience but also for negotiating lower cyber insurance premiums in a landscape where costs are rising.
Furthermore, robust backup and disaster recovery strategies, particularly cloud-based solutions, are essential for maintaining operational resilience against ransomware attacks. As the cyber threat landscape continues to evolve, organisations must adapt their defences to mitigate potential financial damages effectively.