Story image

APAC is now a 'honeypot' for cyber attacks as most targeted region in the world

16 Mar 17

Trend Micro’s latest report says that Asia Pacific region was something of a giant honeypot for cyber attacks last year, topping out other parts of the world and complementing a ‘record’ year for extortion, the company says.

The 2016 Global Roundup Report showed that business email compromise (BEC) scams and vulnerbilities in SCADA systems were both trending upwards.

“It is hardly surprising that enterprises today are facing a surge of known and unknown threats. Known threats are growing – globally, we blocked over 80 billion attacks attempting to cause havoc in 2016 alone. On top of dealing with those, the industry is increasingly combatting unknown threats that are appearing at the rate of 500,000 per day.” says Trend Micro’s Asia Pacific managing director Dhanya Thakkar.

Overall, Trend Micro blocked 435,709 exploit kits in APAC in Q4 alone - the highest of all global regions. RIG accounted for 307,000; Magnitude accounted for 106,000 and Sundown accounted for 12,000. Trend Micro says they are able to take advantage of unpatched vulnerabilities and zero-days, 18% were also used to deliver ransomware.

 There were also 317,833 detections of online banking malware in APAC - three times the amount found in North America, and six times more than in Latin America. ATMs using Windows XP were popular targets. Banking trojans and skimmers were also popular.

APAC was also hit hardest by ransomware attacks, with 27% of attacks on enterprises and individuals. This is compared to 25% in EMEA and 22% in Latin America. With ransomware attacks surging 752%, the threats are hauling in US$1 billion in ransoms.

“In 2017, open source ransomware and ransomware-as-a-service (RaaS) will continue to make stealthy extortions accessible for cybercriminals running their own ransomware operations. Given that, enterprises in the region are advised to deploy multi-layered security solutions incorporating machine learning capabilities to counter ransomware infections,” Trend Micro says.

 BEC scams across APAC gained ground particularly in Hong Kong, Japan and India. They are three of the 92 countries affected. 

Meanwhile, the Mirai botnet has claimed an estimated 100,000 compromised connected devices. Trend Micro says the attacks on IoT devices and distributed denial-of-service (DDoS) attacks are still growing.

“The onslaught of mixed attacks emphasizes the importance of strengthening one’s cybersecurity posture and adopting a cross-generational security approach capable of handling both the influx of known attacks and the rise of unknown threats designed to evade the conventional security software,” Thakkar concludes. 

Hillstone CTO's 2019 security predictions
Hillstone Networks CTO Tim Liu shares what key developments could be expected in the areas of security compliance, cloud, security, AI and IoT.
Can it be trusted? Huawei’s founder speaks out
Ren Zhengfei spoke candidly in a recent media roundtable about security, 5G, his daughter’s detainment, the USA, and the West’s perception of Huawei.
Oracle Java Card update boosts security for IoT devices
"Java Card 3.1 is very significant to the Internet of Things, bringing interoperability, security and flexibility to a fast-growing market currently lacking high-security and flexible edge security solutions."
Sophos hires ex-McAfee SVP Gavin Struther
After 16 years as the APAC senior vice president and president for McAfee, Struthers is now heading the APJ arm of Sophos.
Half of companies unable to detect IoT device breaches
A Gemalto study also shows that the of blockchain technology to help secure IoT data, services and devices has doubled in a year.
Huawei founder publically denies spying allegations
“After all the evidence is made public, we will rely on the justice system.”
Malware downloader on the rise in Check Point’s latest Threat Index
Organisations continue to be targeted by cryptominers, despite an overall drop in value across all cryptocurrencies in 2018.
IoT breaches: Nearly half of businesses still can’t detect them
The Internet of Thing’s (IoT’s) rapid rise to prominence may have compromised its security, if a new report from Gemalto is anything to go by.