A recent study by Semperis reveals that 59% of Singaporean organisations have experienced ransomware attacks during holidays, weekends, and major corporate events. This figure is higher than in the US, UK, and Australia and New Zealand (ANZ), highlighting a significant vulnerability during these periods. The 2025 Holiday Ransomware Risk Report indicates that cybercriminals exploit reduced cybersecurity staffing during these times.
Semperis Vice President for APAC/Japan, Gerry Sillars, emphasised the importance of protecting identity systems, stating, “The holidays may bring downtime for companies, but cybercriminals don’t take days off.” The report found that 79% of ransomware attacks in Singapore occurred after significant corporate events, such as mergers or layoffs, with 63% of companies targeted following a merger or acquisition.
The study also highlights that 67% of Singaporean organisations reduce their security operations centre (SOC) staffing during holidays to provide employees with work/life balance. However, this reduction leaves them vulnerable, as 30% did not anticipate attacks during these periods. Additionally, whilst 96% of organisations have identity threat detection and response (ITDR) plans, only 39% include procedures for vulnerability remediation.
The findings underscore the need for enhanced vigilance and robust cybersecurity measures, particularly during times of organisational disruption. As ransomware attacks continue to target periods of reduced security focus, organisations must prioritise both detection and response strategies to safeguard their critical assets.
