Following our earlier article Ransomware attacks doesn’t concern me – Do I need to care ? 13/8/2021, this is a real problem that companies in Singapore are already facing. A total of 68 cases of cyber attacks were reported in the first half of the year compared to a total of 89 cases for the whole of last year. This does not include the unreported cases which is likely to be more than the reported cases.
Three recent major reported cases in Singapore include private eye clinic ERS, insurance company Tokia Marine Insurance and fintech unicorn Pine Labs.
The attacks resulted in a demand for ransom as well as leakage of customers’ personal data, clinical information and private confidential documents. In addition, the IT systems were down and needed to be securely restored. It was estimated that each data breach costs a company USD3.86 million*.
Specifically, the extent of the damage in the cyber attack in ERS was mitigated by multi-layer security by design (How to protect your data from ransomwares? 16/8/2021) in segregated data form. Active medical data are maintained separately in cloud-based system. IT systems are physically segregated by branch locations. It will be increasingly challenging to totally isolated a fully connected online IT infrastructural systems from ransomwares attack. It is paramount that you adopt as early as possible some preventive measures to limit the scale of damage should such an unfortunate attack happens. Any small steps now go a long way in avoiding future grief.
*IBM Security and the Ponemon Institute’s 2020 study