Ransomware attacks in PH double in 2023

By Kris Crismundo

January 16, 2024, 6:55 pm

<p><em>(File photo)</em></p>

(File photo)

MANILA – A commissioned survey by a cybersecurity firm has found that ransomware incidents in the Philippines became more rampant and aggressive in 2023.

Fortinet Marketing and Communications for Asia and Australia and New Zealand vice president Rashish Pandey said in a media briefing in Makati City Tuesday that 56 percent of the surveyed organizations in the Philippines reported that ransomware attacks surged by at least two times in 2023 compared to 2022.

The International Data Corporation's Survey cited that phishing and ransomware were among the most common cyber threats in the country last year.

A phishing attack deceives an individual to reveal personal and sensitive information, while ransomware blocks victim to have access to one’s personal data unless a ransom is paid.

“In the past, it used to be ‘Alright, I have locked your system.’ The bad actors will come and say ‘You pay me money… and I will give you access back to the data.' Now, it has advanced even more. What we are seeing now is even if you pay the money, they will not give you the data back or just delete it,” Padney said.

Padney added that the more complex cyber infrastructure nowadays also becomes more vulnerable to cyber threats.

Contributing to the increase in cyberattacks globally are the big number of companies doing hybrid work setups, the use of applications, the number of gadgets being used by an individual, and the networks that these gadgets are being connected to, such as public WiFis and cafés.

He said the global average to detect that a cyberattack has happened is 21 days, and it will take another 12 hours to control the damage, six hours to investigate, and another 12 hours to remediate.

The executive also stressed the need for organizations to invest in cybersecurity and train their people in detecting cyberattacks.

Investing in security operations (SecOps) professionals will also help organizations to reverse these cyber threats, he added.

Padney said that based on the IDC Survey, there is only one SecOps professional for every 195 employees, managing an average of 44 daily alerts. Approximately, each alert takes 11 minutes to address within an eight-hour workday.

“This workload places significant pressure on cybersecurity professionals… The time constraint underscores the necessity for efficient process, automation, and prioritization to effectively manage the workload,” he said. (PNA)