Kaspersky, the global cybersecurity company, has presented its cyber threat forecast for the Asia Pacific (APAC) region for 2024, highlighting the escalation of digitalization and geopolitical tensions as key factors increasing vulnerable organisations and individuals to cyber threats. Expected threats for the new year range from online scams and phishing attacks to major security data breaches.
Vitaly Kamluk, the Head of Kaspersky's Global Research and Analysis Team (GReAT), asserts that "Asia Pacific's digital economy continues to grow exponentially and is expected to keep its momentum in the next five years." According to Kamluk, emerging technologies such as digital payments, Super Apps, IoT, smart cities, and generative Artificial Intelligence are not exempt from these threats. With increasing digitalisation efforts, cybersecurity will be crucial in fortifying the region's overall protection against potential damaging cyberattacks. Additionally, he predicts that existing geopolitical tensions will likely continue to make the region a target for Advanced Persistent Threats (APTs).
In the Southeast Asian region, the scope of online scams and phishing attacks is predicted to heighten further. Following Singapore's major security data breaches and outages in the previous year, similar threats loom in the future. Kamluk explains that despite successful operations against scam and phishing attacks, "the scale of online scam and phishing attacks in Southeast Asia will only continue growing in the coming years due to technical and legal illiteracy of many people involved in such attacks from operators to victims."
China is projected to face a surge of APT attacks despite initiatives to combat telecom fraud. The rise in phishing attacks geared towards personal credit card information is of particular concern. Kasperskys researchers anticipate that the frequency of these attacks may increase towards the year-end and into early next year.
India's existing struggle with scam and fraud cases may get compounded with the rise of technologies and digitalisation of its economy. Kamluk says that the adoption of advanced systems like Unified Payments Interface and the popularity of cryptocurrencies could lead to a new wave of scam cases. Plus, the country's move towards smart cities intensifies the security issues posed by IoT vulnerabilities.
The threat forecast also indicates increasing risk for South Korea, with major political events turning into prime opportunities for threat actors to launch cyberattacks. Kamluk pointed out that "customized threats, meticulously tailored to exploit South Korea's unique software landscape and IT environment, are poised to persist and pose an ongoing challenge."
To bolster security against these looming threats, Kaspersky has also recommended several steps for organisations in the Asia Pacific region. These include, amongst others, regular software updates, implementation of strong passwords and multi-factor authentication for remote services access, as well as adopting reliable endpoint security solutions and leveraging latest Threat Intelligence information.