January 24, 2024
MANILA – Cybercriminals are targeting suppliers to gain access to multiple companies when launching ransomware attacks, which can cost victimized firms as much as $100 million on average to recover stolen data, according to an enterprise technology company.
Trend Micro Philippines senior threat researcher Monte de Jesus, in a briefing on Tuesday, said that supply chains have become an “attractive target” for hackers as these serve as gateway for further digital attacks.
“They (hackers) will be able to easily deploy their crafted [malicious software] to different organization that is supplied by those companies,” he said.
De Jesus shared that half of organizations globally have dealt with ransomware in their supply chains, based on a study by Trend Micro.
Ransomware is a fraudulent activity whereby hackers hold the data or system hostage until a ransom is paid.
Phishing and ransomware
De Jesus said ransom varies from “tens of thousands of dollars” to about $100 million, depending on the scale and value of the stolen data.
Last year, 1.87 million ransomware incidents were detected in the Philippines, according to the company’s monitoring.
Trend Micro Philippines country manager Ian Felipe said that ransomware targets both the private sector and government agencies that handle a significant amount of sensitive information.
“The more valuable data they have, the more the risk they have,” he said.
Raymond Almanon, Trend Micro Philippines senior security specialist, shared that cyberthreats have been on the rise with the aid of artificial intelligence (AI) tools.
He noted that AI is being used to generate text, videos and photos, among others, which are then being embedded on phishing emails.
Phishing is a type of fraud whereby hackers send suspicious links via emails and messaging applications to trick users into providing their personal data.
In a related study, cybersecurity firm Fortinet previously estimated that a typical organization spends about P55 million or about $1 million to resolve a single data breach and pay off ransom to regain system access in the Philippines.
About 56 percent of surveyed organizations in the Philippines reported a doubling of ransomware attacks last year compared with cases in 2022, Fortinet said, noting more digital threats of the same kind are expected to trouble businesses this year. INQ