Bruteforce cyber attacks surge in SEA, over 53 million blocked

Kaspersky has reported that its solutions used by businesses in Southeast Asia detected and blocked more than 53 million bruteforce attacks throughout 2024, with Singapore experiencing over 4 million of these attacks.

Password breaking remains a common method for cybercriminals attempting to gain unauthorised access to corporate systems in the region. These attacks typically involve tools such as Bruteforce.Generic.RDP., which systematically attempt all possible combinations of characters in order to determine valid login credentials. Once a correct password is found, attackers can inflict significant data and financial losses on affected organisations.

According to Kaspersky, bruteforce attacks involve guessing passwords or encryption keys by trying various character combinations until the correct one is obtained. Remote Desktop Protocol (RDP), Microsoft's proprietary protocol for remote computer access, is frequently targeted. RDP is used by both system administrators and less-technical users to control servers and personal computers from remote locations, but cybercriminals have also adopted it as an entry point to critical business resources.

Cybersecurity risks are further compounded when devices operate outside of company networks, beyond the oversight of IT departments. In such situations, the potential for confidential information to be stolen or lost due to carelessness significantly increases.

Adrian Hia, Managing Director for Asia Pacific at Kaspersky, commented on the scale of the threat: "On a daily basis, we are looking at more than 145,000 attempts to break enterprises and SMBs' passwords and encryptions in SEA. That's a lot given the current shortage of cybersecurity staff in the region."

Indonesia and Malaysia have seen notable increases in bruteforce attacks over the past year. In 2024, Kaspersky detected 14,662,615 RDP attacks targeting businesses in Indonesia, representing a 25% increase from the 11,703,925 attacks recorded in 2023. Malaysia experienced a 14% rise, with 3,198,767 bruteforce attempts observed in 2024 compared to 2,810,648 the previous year.

Hia addressed the impact of technological advancements on cybercrime: "With better Artificial Intelligence (AI) services at play, cybercriminals now have a reliable assistant to guess passwords and break encryptions faster. Once successful, a bruteforce attack allows an attacker to gain remote access to the targeted host computer. Imagine the repercussions of having a spy, or more, inside your computers. Thus, it is urgent for businesses here to really look into their IT posture and recalibrate their cybersecurity capabilities."

Kaspersky provided a series of recommendations for businesses using RDP to mitigate the risks associated with bruteforce attacks. These steps include using strong passwords, restricting RDP access to corporate VPNs, enabling Network Level Authentication (NLA), implementing two-factor authentication where possible, disabling RDP and closing port 3389 if the protocol is not required, and deploying reliable security solutions.

The company continues to emphasise the importance for businesses in Southeast Asia to enhance their cybersecurity measures in the face of increasing attack volumes and evolving tactics utilised by cybercriminals.