Ransomware attacks cost PH firms $500,000 each

One in every four companies in the Philippines has paid over $500,000 to recover their information technology (IT) systems from ransomware attacks. The amount also covers the cost of building up firewalls against future digital threats, according to Fortinet.
Rashish Pandey of Fortinet told the Inquirer that cybercriminals are targeting organizations with critical infrastructure and sensitive data when launching a ransomware attack for maximum damage.
He is the cybersecurity company’s vice president of marketing and communications in Asia and Australia-New Zealand.
Pandey said the most vulnerable are large-scale manufacturing firms that can’t afford any downtime. He also cited hospitals that store a significant amount of confidential patient data.
In this kind of cyberattack, hackers hold hostage an entity’s IT system and data until a ransom is paid.
These enterprises would likely be pressured into giving in to the hackers and paying off the ransom. That is to avoid disruptions that could potentially be costlier, Pandey said.
In the past year, Fortinet noted that nearly 78 percent of the surveyed Filipino companies claimed to have dealt with cyber threats backed by artificial intelligence (AI).
These AI-powered attacks, which are usually harder to detect, include a deepfake impersonation in business email compromise (BEC).
Deepfake
Deepfake technology enables manipulation of media content, such as still photos, audio or video.
In BEC attacks, hackers send emails embedded with compromising links or even digitally altered media to business email addresses. Such a threat is intended to make recipients provide access to their organization’s IT system.
Considering this, Fortinet said that 80 percent of the Filipino respondents said they were increasing their cybersecurity budgets.
About 15 percent of IT budgets goes to cybersecurity.
“As cyber threats grow more covert and coordinated, we’re seeing a clear shift in how organizations approach cybersecurity investment. The focus is moving beyond infrastructure to more strategic areas like identity, resilience and access,” Pandey said.
In a related study, Palo Alto Networks said that local enterprises raised their spending for security software by 47.09 percent.
An example is a threat detection and response system, which collects and analyzes suspicious behavior on the network. This will then be reported to the security team for further action.