257 views

Singapore targets ransomware with tougher policies, avoids payouts

New task forces, regulations, and public-private efforts shape a ransomware-resistant Singapore.

Singapore has stepped up its fight against ransomware, cutting attacks by 20% this year, though rates remain higher than global averages. With proactive government measures, experts highlight a strong commitment to combat ransomware while minimising payouts—a strategy central to the country’s approach.

According to Prof Liu Yang, Executive Director for Cyber Research Programme Office and Cyber Security Research Centre at Nanyang Technological University (NTU), Singapore’s response to ransomware includes “an inter-agency task force composed of senior representatives from technology, cybersecurity, financial regulations, and law enforcement” to ensure comprehensive protection for critical infrastructures.

Liu also highlighted the upgrade of Singapore’s cybersecurity strategy to implement zero-trust architectures, saying that a “one-stop platform” now provides companies with “decryption keys and instance response guidance” to streamline their responses to ransomware incidents.

Abhilash Purushothaman, General Manager and Vice President of Rubrik Asia, noted that while progress is being made, gaps in cybersecurity preparedness remain significant. Referring to a recent report from Singapore’s Cyber Security Agency (CSA), he shared his view that Singaporean companies have experienced “the highest rate globally” of cyber incidents in the past year.

The need for stronger resilience has prompted the government to consider new regulations for service providers, data centres, and cloud companies to meet stricter security standards. Minister of Communications and Information, Josephine Teo, recently confirmed that these regulations aim to “reduce the likelihood of systematic disruptions.”

Purushothaman stressed that heightened guidance is critical since, for many businesses, “96% of the organisations that are hit by ransomware paid the demand.” Often, organisations face pressure to pay ransoms to prevent sensitive data leaks, but cybersecurity advocates warn that such payouts embolden attackers.

Both Prof Liu and Purushothaman highlighted the sectors most vulnerable to ransomware, identifying healthcare, financial services, manufacturing, education, and government as prime targets.

With Singapore’s expanded cybersecurity capabilities, officials and cybersecurity experts strongly discourage ransom payments. “Law enforcement agencies in Singapore strongly discourage ransom payment as paying does not guarantee data decryption or prevent information leakage,” Liu said.

CSA also cautions companies against succumbing to ransom demands, with Purushothaman emphasising that paying “signals cyber criminals that organisations are willing to comply with the extortion demands.”

Instead, companies are urged to adopt an “assumed breach mindset,” which includes robust data backups and zero-trust principles to safeguard data integrity. Purushothaman summed up Rubrik’s approach, stating, “Recovering from a clean backup is the only way to beat the attackers.”

Follow the link for more news on

Join Singapore Business Review community
Since you're here...

...there are many ways you can work with us to advertise your company and connect to your customers. Our team can help you dight and create an advertising campaign, in print and digital, on this website and in print magazine.

We can also organize a real life or digital event for you and find thought leader speakers as well as industry leaders, who could be your potential partners, to join the event. We also run some awards programmes which give you an opportunity to be recognized for your achievements during the year and you can join this as a participant or a sponsor.

Let us help you drive your business forward with a good partnership!