SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image

Ransomware threats escalating in Southeast Asia – report

Thu, 25th Apr 2024

According to cybersecurity firm Kaspersky, Southeast Asia (SEA) is facing an increasing threat from targeted ransomware, with a total of 287,413 incidents detected between January and December 2023. The crime is gravely impacting businesses throughout the region.

Thailand has been hit hardest, experiencing 109,315 incidents during this period. Following closely, Indonesia saw 97,226 attacks and Vietnam dealt with 59,837. Meanwhile, the Philippines, Malaysia, and Singapore recorded 15,312, 4,982, and 741 incidents respectively.

According to Yeo Siang Tiong, General Manager for Southeast Asia and Asia Emerging Economies at Kaspersky, the figures show that "the threat actors behind ransomware attacks target all sectors in Southeast Asia." He adds, "The total number of attempts may be lower, but organisations need to realise the real impact of each successful ransomware infection, both on the financial and reputation fronts."

Yeo pointed out that businesses need to focus on cybersecurity technologies that provide absolute anti-ransomware effectiveness in third-party exams. He stressed that not all cybersecurity solutions are equal.

Fedor Sinitsyn, Lead Malware Analyst at Kaspersky, highlighted a shift in ransomware attacks towards "double extortion." This kind of attack, involving data theft and encryption, allows attackers to operate with greater efficiency and demand significantly higher ransom sums.

Kaspersky has been actively involved in efforts to combat ransomware since 2016 through its participation in the 'No More Ransom' initiative. As part of this initiative, Kaspersky's free decryption tools have been critical in aiding nearly two million victims globally.

To protect yourself and your business from ransomware attacks, consider following the rules proposed by Kaspersky experts:

  • Do not expose remote desktop/management services (such as RDP, MSSQL, etc.) to public networks unless absolutely necessary and always use strong passwords, two-factor authentication and firewall rules for them.
  • Promptly install available patches for commercial VPN solutions providing access for remote employees and acting as gateways in your network.
  • Always keep software updated on all the devices you use to prevent ransomware from exploiting vulnerabilities.
  • Focus your defense strategy on detecting lateral movements and data exfiltration to the Internet. Pay special attention to the outgoing traffic to detect cybercriminals' connections.
  • Back up data regularly with special attention to offline backup strategies. Make sure you can quickly access it in an emergency when needed.
  • Avoid downloading and installing pirated software or software from unknown sources.
  • Assess and audit your supply chain and managed services access to your environment.
  • Prepare an action plan for reputational risk of your data exposure in the unfortunate event of data theft.

 

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X