Connect with us

Hi, what are you looking for?

HEADLINES

Ransomware targeting SEA SMBs drops in 2020 vs 2019

Among the six SEA countries, only Singapore observed an uptick in the number of ransomware detections. There was a slight increase from 2,275 instances in 2019 that jumped to 3,191 in 2020.

Global cybersecurity company Kaspersky reported a significant decrease in the number of ransomware attempts it has detected and foiled among its small and medium-sized businesses (SMBs) users in the Southeast Asian (SEA) region. 

In its latest Kaspersky Security Network (KSN) report, the company revealed less than one million ransomware attempts (804,513) were monitored in 2020, less than half of 2019’s over 1.9 million detections.

Among the six SEA countries, only Singapore observed an uptick in the number of ransomware detections. There was a slight increase from 2,275 instances in 2019 that jumped to 3,191 in 2020. 

Although Indonesia still ranked fifth globally for the volume of its ransomware detections, its 1,158,837 detections are now down to 439,473. The trend of decreased ransomware incidents was observed across other countries in the region including Vietnam, the Philippines, Malaysia, and Thailand.

China remains at the top spot in terms of ransomware detections globally both for 2019 and 2020. Meanwhile, Brazil and the Russian Federation switched places for the second and third spots, with Brazil now being 2nd globally for 2020. 

Advertisement. Scroll to continue reading.

“I looked at the statistics for individual families, and it follows the overall drop in the number of detections, mainly due to the drop in the number of WannaCry detections. This family makes up a significant share of all detected ransomware, despite the fact that it has not been supported by the creators for more than three years and exists as a ‘zombie’,” said Fedor Sinitsyn, security researcher at Kaspersky.

One of the most persistent cyber threats to SMBs in the region remains to be ransomware, a malware designed to infect computers of organizations and individuals, encrypt the data in it, and block access to it. Ransomware attackers then will demand a fee from the victims in exchange for enabling the system to work again. 

Ransomware attacks may be declining but Kaspersky has been issuing a warning to companies, of all shapes and sizes, against the increasing activities of ‘Ransomware 2.0’ or what’s known as targeted ransomware. 

This cybersecurity “disease” goes beyond kidnapping data. Malicious ransomware groups are now conducting data exfiltration coupled with blackmailing. Using “pressure tactic”, these cybercriminals threaten to publish publicly the data they hold, further increasing the need for the victims to pay the ransom to protect their valued reputation. 

“The decrease of ransomware detections here should not make us complacent. Since last year, we have been underlining the evolution of this threat. Ransomware groups are now more concerned about quality over quantity. Meaning, from blindly throwing a line into the ocean and waiting for an insecure user to bite, attackers are now more aggressive and targeted towards their victims,” comments Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.

Advertisement. Scroll to continue reading.

“A single targeted ransomware group alone managed to breach over 61 companies in the Asia Pacific (APAC) region last year, and with the accelerated digitalization of businesses in the region, we also predict that the sophistication behind attack methods will only increase and become more sophisticated. SMBs and enterprises should seriously look into intelligence-based technologies, both for endpoint protection as well as detection and response,” he adds.

There are different ways to protect your computer and your data from ransomware attacks. Some of Kaspersky’s tips include:

  • Do not expose remote desktop services (such as RDP) to public networks unless absolutely necessary and always use strong passwords for them.
  • Promptly install available patches for commercial VPN solutions providing access for remote employees and acting as gateways in your network.
  • Always keep software updated on all the devices you use to prevent ransomware from exploiting vulnerabilities
  • Focus your defense strategy in detecting lateral movements and data exfiltration to the Internet. Pay a special attention to the outgoing traffic to detect cybercriminals connections. Back up data regularly. Make sure you can quickly access it in an emergency when needed. Use the latest Threat Intelligence information to stay aware of actual TTPs used by threat actors.
  • Use solutions like Kaspersky Endpoint Detection and Response and Kaspersky Managed Detection and Response service which help to identify and stop the attack on early stages, before attackers reach their final goals.
  • To protect the corporate environment, educate your employees. Dedicated training courses can help, such as the ones provided in the Kaspersky Automated Security Awareness Platform.
  • Use a reliable endpoint security solution, such as Kaspersky Endpoint Security for Business that is powered by exploit prevention, behavior detection and a remediation engine that is able to roll back malicious actions. KESB also has self-defense mechanisms which can prevent its removal by cybercriminals.
  • Always have a data backup on a separate external hard drive. 
  • Avoid negotiating with cybercriminals or paying the ransom. 

Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

The attackers used a series of campaigns with novel exploits and customized malware to embed tools to conduct surveillance, sabotage and cyberespionage as well...

HEADLINES

Financial phishing attacks are rapidly increasing in the country as cybercriminals continuously evolve and adapt their tactics, making them sophisticated. The number of attacks...

HEADLINES

A Scale of Harm study by the International Justice Mission revealed that almost half a million Filipino children were trafficked to produce new child...

HEADLINES

Yondu launched an extensive, month-long cybersecurity awareness campaign focused on modern threat detection, incident response, and social engineering defense.

HEADLINES

Only 22% of organizations in Philippines are fully prepared to deploy and leverage AI-powered technologies, from 17% a year ago.

ELECTRONICS

Philips EasyKey partnered with Megaworld and equipped their world-class properties with only the best-in-class smart locks we have on offer, the Philips EasyKey 9300.

HEADLINES

The PLDT wireless unit is also calling on customers to report these messages to Smart’s HULISCAM portal for further action.

HEADLINES

Here are some tips from Sophos for staying secure online during the cybersecurity awareness month.

Advertisement