Digital kidnappers are after enterprises in Southeast Asia (SEA). Global cybersecurity company Kaspersky predicts the trend will continue this year and beyond, albeit in more sophisticated and targeted ways.
Ransomware is a type of malware that locks one’s computer and mobile devices or encrypts one’s electronic files. To get the “decryption” key or to get your data back, a ransom is required by the cybercriminals behind the attack.
As a threat, ransomware has come a long way since the first ransomware attack was carried out all the way back in 1989. Since 2016, the malicious actors behind this threat have shifted from targeting users to bigger enterprises. Known high-impact incidents include the Wannacry Ransomware, with an estimated $4 billion worth of aftermath.
Because of its high return-of-investment nature, ransomware groups continue to attack enterprises globally, including businesses in SEA.
Fresh statistics from Kaspersky revealed that a total of 304,904 ransomware attacks eyeing businesses here have been blocked by Kaspersky’s business solutions last year.
Indonesia recorded the highest number of incidents foiled by Kaspersky B2B solutions (131,779), followed by Thailand (82,438), and Vietnam (57,389). The Philippines logged a total of 21,076 ransomware attacks; Malaysia had 11,750, and Singapore had 472.
Kaspersky’s telemetry also revealed that the most common types of ransomware targeting businesses in the Philippines are:
- Trojan-Ransom.Win32.Crypren
- Trojan-Ransom.Win32.Wanna
- Trojan-Ransom.Win32.Stop
- Trojan-Ransom.Win32.Gen
- Trojan-Ransom.Win32.Agent
“One of our fresh studies has already confirmed that three-in-five of businesses here have been victims of a ransomware attack. Some once, but half have fallen prey multiple times. Our 2022 data reveals this threat will continue to be a menace for enterprises in SEA because it makes good money for cybercriminals because some business executives think ransomware is just overhyped by the media, and because enterprise security teams are actually overwhelmed and undermanned to detect and respond against it,” comments Yeo Siang Tiong, General Manager for Southeast Asia.
The cybersecurity talent gap continues to haunt enterprises here. A study even logged a 2.1M gap in available local security staff urgently needed in the greater Asia Pacific region.
In addition, only 5% of enterprise leaders here confirmed that they have internal incident response capabilities, or they have a regular IT team or service provider to figure out a ransomware attack
This explains why a majority (94%) of them would need external help in the case of an incident.
“We sound the alarm against ransomware targeting enterprises in SEA but at the same time, we hear that IT security teams and business executives need help to build their cybersecurity capabilities. With the emerging trend of Ransomware 3.0 -– a more dangerous version of this threat -– expert cybersecurity that goes beyond your usual endpoint solution is necessary. At the center of this is equipping your security teams with expert detection and incident response tools like Kaspersky XDR (Extended Detection and Response),” adds Yeo.
Kaspersky’s XDR is a holistic portfolio built upon the three pillars of any successful complex incident strategy.
Namely, security teams must be:
- Equipped: Cybersecurity is one area of expertise where even a skilled worker can legitimately blame their tools. Protection from multivector attacks and other complex incidents requires a unified, consolidated platform that gives total visibility, eliminating obstructive silos and preventing “alert fatigue” and other routine tasks within the incident response process.
- Informed: The existing advanced expertise of IT-matured organizations must never be taken for granted. After all, the cybercrime horizon is constantly shifting and expanding. Using cyber-threat intelligence, it enables organizations staying ahead of your cyber-adversaries with in-depth visibility into cyber-threats targeting your organization at different levels. With a constantly evolving threat landscape, it’s also vital IT security specialists keep their cybersecurity skills up to date and relevant needed to help defend against even the most sophisticated threats or attacks.
- Reinforced: Should a complex incident or APT be discovered, even the most advanced IT security analysts should have access to external support for 3rd party insight, security assessment, managed threat hunting, and incident response. While complex incidents resulting from APTs are usually highly targeted, they rarely target only one victim. External expertise can shed a multi-sector global light on the likely paths of an APT, and deliver actionable advice on the most decisive way to eliminate it from the system.
Kaspersky’s XDR platform features a perfectly matched combination of industry-leading tech, elite threat intelligence, human expertise, training, and services, backed by the greatest minds in cybersecurity. The company’s holistic approach nurtures the enterprise team’s cybersecurity power over multi-dimensional threat discovery, effective investigations, proactive threat hunting, delivering a rapid, centralized response to the full spectrum of modern threats like ransomware.
It is a multi-layered security technology platform in the form of solutions and cybersecurity experts’ services, adaptable to all sizes of organizations, and uses a proactive approach of coordinating siloed security tools into a coherent, unified security threat detection and response platform.