Ransomware Hits Businesses in Southeast Asia Hard

From January to December 2023, Kaspersky cybersecurity solutions detected a total of 287,413 ransomware incidents targeting businesses in the Southeast Asia region.

Experts from the global cybersecurity firm stressed that organizations, regardless of their type or size, must strengthen their IT security capabilities as ransomware, especially targeted malware, continues to pose a serious threat to organizations in the region.

Ransomware tấn công mạnh vào các doanh nghiệp ở Đông Nam Á - Ảnh 1. — Ransomware is a form of malware that hackers love to use.

“The days of mass ransomware attacks targeting individuals and businesses are slowly fading away. Instead, we are witnessing a shift in the way cybercriminals operate, with groups forming to carry out attacks that both steal and encrypt data, a practice known as double extortion. This shift is due to the increasingly sophisticated nature of cybercriminals’ operations, which allows them to demand significantly higher ransoms from their victims,” said Fedor Sinitsyn, Head of Malware Analysis at Kaspersky.

The number of ransomware attacks targeting Southeast Asian businesses last year was highest in Thailand, where Kaspersky detected and blocked 109,315 incidents. Indonesia followed closely with 97,226 ransomware attacks, followed by Vietnam with 59,837. Meanwhile, the Philippines ranked fourth with 15,312, followed by Malaysia with 4,982 and Singapore with 741.

Over the past year, ransomware has become a regular topic in the news across Southeast Asia, with cyber incidents often targeting large-scale businesses such as a bank in Indonesia, a public health insurer in the Philippines, a public rail transit system in Malaysia, a prominent hotel and casino in Singapore, Thailand’s largest media conglomerate, and an electricity company in Vietnam.

“It is clear that the threat actors behind ransomware attacks are targeting all sectors in Southeast Asia . The number of attacks may be fewer, but businesses need to understand the true impact of a successful ransomware attack, both financially and reputationally. Accordingly , businesses in the region need to look for cybersecurity technologies that offer absolute anti-ransomware capabilities that are certified in third-party tests, as not all cybersecurity solutions are equally effective,” said Yeo Siang Tiong, General Manager for Southeast Asia and Emerging Asia at Kaspersky.

Kaspersky Endpoint Security for Business, Kaspersky Small Office Security and Kaspersky Standard solutions have demonstrated comprehensive protection against ransomware across 10 different attack scenarios in regular Advanced Threat Protection assessments conducted by AV-TEST.

To protect yourself and your business from ransomware attacks, consider following the rules recommended by Kaspersky experts:

Don't let remote desktop or management services (like RDP, MSSQL...) connect to public networks unless absolutely necessary and always use strong passwords, two-factor authentication, and firewalls for them.
Install patches now available for commercial VPN solutions to provide access to remote workers, which act as gateways to the network.
Always keep the software on all devices in use up to date to prevent ransomware from exploiting vulnerabilities and infiltrating devices.
Focus your defense strategy on detecting lateral movement and data leakage to the internet. Pay special attention to outbound traffic to detect cybercriminal connections.
Back up your data regularly and pay special attention to offline backups. Make sure your data is still quickly accessible in case of emergency.
Avoid downloading and installing pirated software or software of unknown origin.

Source link