Cyber attack volumes grow for APAC firms

New research reveals that 64% of Singapore-based businesses experienced an increase in the volume of cyberattacks during the past year. Of those, 82 percent said attacks had increased as a result of more employees working from home. 86 percent said attacks had become more sophisticated.

In Australia, Three-quarters (72 percent) of respondents said the number of attacks they faced increased in the past year. Of those, 89 percent said attacks increased as a result of more employees working from home. 80 percent said these attacks had become more sophisticated.

Cyberattack volumes have grown, but the rapid pivot to remote working means businesses are still not seeing the full picture, according to the report from VMware. Erratic employee behaviour, personal devices, and home network use reduce visibility, creating blind spots and dark corners where attacks go undetected.

The findings are part of the fourth installment of the Global Security Insights Report, based on an online survey of 3,542 CIOs, CTOs and CISOs in December 2020 from across the globe. 

France, Australia, the United Kingdom and Japan were the most affected countries, with Singapore coming in seventh overall.

“The race to adopt cloud technology since the start of the pandemic has created a once-in-a-generation chance for business leaders to rethink their approach to cybersecurity,” said Rick McElroy, principal cybersecurity strategist, VMware.

“Legacy security systems are no longer sufficient. Organisations need protection that extends beyond endpoints to workloads to better secure data and applications. As attacker sophistication and security threats become more prevalent, we must empower defenders to detect and stop attacks, as well as implement security stacks built for a cloud-first world.”

Material breaches

For Singaporean firms, the number of breaches is significant. Respondents who had a cyberattack reported 3.3 breaches on average per year. Nor were these minor incidents. In seven out of 10 cases, the breach was a material incident requiring reporting to regulators or the involvement of an incident response (IR) team.

Clearly, security teams are under pressure, and there is little complacency: 60 percent of the Singaporean CISOs surveyed fear their organisation will experience a material breach in the coming year.

When asked what is causing breaches, the three most common vectors build a picture of external threats and internal weaknesses. Process weakness was the most common cause, at the root of 22 percent of breaches, closely followed by out-of-date security technology and then by third-party apps.

The rapid pivot to work from anywhere has exposed organisations that had lapsed in security hygiene and failed to implement multifactor authentication, while the extended enterprise is under increasing pressure as third parties introduce significant breach risk.

Ransomware returns as a top breach cause as attackers launch sophisticated and lucrative multistage campaigns. 12.5%of all breaches were caused by ransomware. In addition to these threats, the rapid escalation in ransomware has added unwelcome tension.

Multistage campaigns involving penetration, persistence, data theft, and extortion are ramping up pressure as attackers capitalise on the disruption faced by remote workers. In most ransomware attacks, email continues to be used as the most common attack vector to gain initial access