Singapore has emerged as the most targeted nation globally for regulatory extortion by hackers, according to the 2025 Global Ransomware Risk Report by Semperis. The report, which surveyed nearly 1,500 organisations worldwide, reveals that 66% of Singaporean organisations have experienced threats from hackers to file regulatory complaints if incidents go unreported. This figure surpasses the 47% average across other major economies, including the US, UK, and Germany.
The Asia-Pacific region, including Singapore, is particularly vulnerable, with 61% of organisations reporting at least one successful cyberattack. The report highlights that 85% of affected organisations in the region have paid ransoms to restore systems or protect data, a significantly higher rate than in other regions such as Europe, where only 50% have done so.
Ransomware attackers primarily leverage the threat of releasing sensitive data, with 82% of organisations citing this as a major pressure point. Gerry Sillars, Vice President for Asia Pacific and Japan at Semperis, emphasised the importance of robust data governance and crisis communication protocols, stating, “As data confidentiality becomes increasingly critical, ransomware groups are tailoring their extortion methods to exploit both operational vulnerabilities and executive-level anxieties.”
The report also notes that ransomware attacks often lead to leadership changes, with 67% of Singaporean organisations experiencing C-level resignations or dismissals following an attack. Mickey Bresman, CEO of Semperis, warned against paying ransoms, stating, “Every dollar handed to ransomware gangs fuels their criminal economy, incentivising them to strike again.”
To combat these threats, the report recommends that organisations prioritise identity-first security strategies and conduct regular exercises to strengthen their response capabilities. Semperis continues to support global organisations in defending against cyberattacks, particularly focusing on hybrid identity systems.
“`
