PH businesses warned against rising ransomware, phishing threats

Woman using internet

A woman uses the internet at an internet cafe in Yangon, Myanmar February 5, 2016. Picture taken February 5, 2016. REUTERS/Soe Zeya Tun

MANILA —Cybersecurity company Fortinet has cautioned Philippine businesses about a potential rise in ransomware and phishing incidents this year.

They emphasize that hackers are persistently launching digital attacks to disrupt operations for financial motives. According to a survey by Fortinet and conducted by International Data Corp. (IDC), ransomware and phishing attacks are the primary cyber threats in the country, with more than half of the respondents identifying them as significant concerns.

The study surveyed 550 information technology leaders across markets in the Asia-Pacific region, including the Philippines.

Phishing is a fraudulent activity whereby hackers send suspicious links to unsuspecting individuals via mobile messages and emails. The links lead to fake websites that trick users into providing personal information like bank account details.

READ: DICT urges companies not to pay for ransomware to avoid repeat attacks

Rashish Pandey, Fortinet vice president for marketing and communications at Asia, Australia and New Zealand, said that 56 percent of the surveyed organizations in the Philippines said they saw two times increase in ransomware attacks in 2023 compared to 2022.

Ransomware attacks doubled in 2023

“What we are seeing though is the frequency of those attacks is increasing,” he said.

Ransomware, which usually targets big organizations, is a cyberattack that holds an entity’s network or data hostage until a ransom is paid.

Fortinet previously estimated that an organization spends about P55 million or about $1 million to resolve a single data breach and pay off ransom to regain system access.

READ: 47% of hacked SE Asia firms paid ‘ransom’

Pandey explained that the cost to recover data might go up depending on the nature of the attack. Some hackers sell the stolen data to another party, which means the victimized organization needs to pay more to regain control.

In addition, paying off ransom does not guarantee absolute protection as perpetrators might just repeat the attack and demand money again.

Cyberdefense

“In the ever-evolving threat landscape, organizations grapple with a spectrum of cyber threats targeting their digital assets,” Pandey said.

As such, Fortinet noted that companies see the need to have quicker threat detection and response to digital attacks.

The enterprises polled plan to do so by gearing up investments in security operations in the next 12 months. Among the initiatives in their pipeline are cyber awareness training, security audits and upgrade of cyberdefenses.

“Securing modern IT infrastructures requires a continuous commitment to vigilance, proactivity, and adaptability amid challenges posed by hybrid work, AI, and cloud technologies,” said Simon Piff, IDC vice president for research in the Asia-Pacific region.

Read more...