The report also reveals how attackers use classic techniques — some decades old, such as typosquatting, phishing, backdoored malware, and fake marketplaces — to carry out their scams against each other.
In 2019, ransomware attacks were already a prominent and persistent threat for organizations across several industries. Although the pandemic lockdowns in 2020 initially affected the volume of activities carried out by ransomware criminals, attributed mainly to restrictions in mobility and access to resources, these malicious actors quickly bounced back and even breached pre-pandemic levels in 2021.
Philippine companies paid $1.6 billion on average through the nose for ransomware attacks in 2022, making the country the third most-extorted by ransomware in the world next only to Japan and the Netherlands, according to cybersecurity firm Sophos.
Education institutions faced the highest data encryption rate (73%) compared to other sectors (65%), and the longest recovery time, with 7% taking at least three months to recover – almost double the average time for other sectors (4%).
The Sophos survey showed that 95 % of Philippine companies agree their biggest security challenge in the next 24 months will be the awareness and education of employees and leadership.
Attackers are using the apps to steal money from people who believe they have installed a financial trading, banking, or cryptocurrency app from a well-known and trusted organization.
The cybersecurity skills gap also continues to be a problem for businesses in the Philippines. Nearly 45% of local businesses have said that lack of cybersecurity skills is challenging for their organization.
