MANILA - Ransomware attacks could become more frequent than in 2024, a cybersecurity solutions company warned on Tuesday.

Fortinet sees the rapid digital evolution creating opportunities for bad actors to perform cybercrime against organizations.

A survey conducted by the IDC showed almost 56 percent of organizations reported at least twice an increase in the number of ransomware attacks.

Fortinet Vice President of Marketing and Communications in Asia Rashish Pandey said ransomware is now even offered as a service by criminal groups.

“In the past, it used to be that I have locked your system, you give me money and I give you access to data. But now it has advanced even more. What we are seeing now is even if you give the money, they will extract the data and sent outside, or even if you give the money, they will not give your data and just delete it,” Pandey said.

Rashish emphasized that as technology gets more sophisticated, bad actors are also finding more gateways to get information through social engineering, phishing attacks, and hacking IT infrastructure.

Aside from ransomware, other common cyberthreats in the Philippines this year include phishing, identity theft, patching vulnerabilities, and insider threats.

As remote work became a trend since the COVID-19 pandemic, experts also sees it as a cybersecurity concern. Rashish connected insider threats to remote work as more employees use unsecured public Wi-Fi in cafes, hotels, and other public areas.

Respondents of the survey said insufficient employee training on cybersecurity has led to an increase in insider threats.

“If they are not trained enough, you send an email from your boss… please click on this… employees are very likely to click on that,” Rashish said.

The survey also showed 50 percent of businesses do not have dedicated resources for cybersecurity teams. For every 195 employees, there is only one security operations professional in service.

IDC’s survey also noted that the average time to detect and remediate an attack takes 21 days. But with a security operations in place, the timeline could be shortened to 18.5 hours.

Meanwhile, Fortinet reported in 2023 that an average breach cost in the Philippines is P55 million.

“What we are seeing though is that the frequency of attacks is increasing. The overall volume of the cost of remediation goes up,” Rashish said.

Fortinet Philippines System Engineer Nap Castillo underscored the importance of investing in a security operations system to mitigate and lessen the time of exposure and cost.

Castillo also advised organizations to take advantage of automated and artificial intelligence-powered security operations solution to detect and respond to threats faster.

“Just type a query and it will automatically show you… You can ask specifically about Fortinet solutions. For example, what response can you recommend for Medusa ransomware using Fortinet solution? It will give you specific products of what to do. We give you a graphical representation of the timeline in terms of the necessary solutions you will need to deploy,” Castillo said.