Connect with us

Hi, what are you looking for?

HEADLINES

Advanced scams, data breaches, crypto and NFT attacks to shape SEA cyberthreat landscape in 2022

Cybercriminals can target a variety of industries, from airlines, hospitals, government websites, banks, telecom companies, universities, e-commerce, and even social media giants through different sophisticated means.

Two years into the pandemic, Southeast Asia (SEA), as the rest of the world, is gearing up for a year of recovery in 2022. Companies and individuals of all ages are ready to revert back to regain the sense of normalcy, with back-to-office, back-to-school, and back-to-travel policies currently being put in place. 

But as witnessed this year, cybercriminals can target a variety of industries, from airlines, hospitals, government websites, banks, telecom companies, universities, e-commerce, and even social media giants through different sophisticated means.

To give organizations and individuals a compass to help navigate the shifting cyberthreat landscape and secure the recovery phase of countries in the region, experts from Kaspersky’s Global Research and Analysis Team (GReAT) today reveal the four top trends to look out for this year. 

Decrease of Targeted Ransomware Attacks

The times of pandemic coincided with the rise of targeted ransomware attacks worldwide focusing on the most valuable targets as well as interruption-sensitive businesses. 

Advertisement. Scroll to continue reading.

Some companies from SEA were among the victims of such attacks. However, with strong international cooperation and multiple task forces to trace ransomware gangs, Kaspersky experts believe that the number of such attacks will decrease during 2022. 

“The initial call was made by the US government, involving the FBI, and even offensive capabilities of the US Cyber Command. We anticipate that the attacks may resurface later, focusing on hitting developing countries with poor cyber-investigative capabilities or countries that are not allies of the US,” says Vitaly Kamluk, Director of Global Research & Analysis Team (GReAT) for Asia Pacific at Kaspersky.

Given the geopolitical stance of some countries in Southeast Asia, it’s likely that there will be less or even no such attacks in certain countries from the region in 2022. 

Yet, broadly available hosting services offered by countries like Singapore and Malaysia, data center services and infrastructure can still be abused by the targeted ransomware gangs.

Advanced Scam and Social Engineering

One of the distinctive features of citizens of developed countries is an elevated feeling of safety. Higher expenditure on technology, including cybersecurity, generates a long-term feeling of safety online as well. 

Advertisement. Scroll to continue reading.

As a result, the general population is less exposed to traditional cyberthreats – it’s just harder to find unprotected infrastructure or infect users. This is why the attackers focus on non-technology focused attacks, exploiting human vulnerabilities, involving all sorts of scam via SMS, automated phone calls, popular messengers, social networks, etc.

The number of scam reports keeps increasing year over year, according to Singapore Police Force: +16% (2021), +108.8%(2020), +27.1% (2019), +19.5% (2018). 

In Thailand, nearly 40,000 people were scammed with their bank accounts and credit cards showing inexplicable transactions. Scammers also used fake bank websites to steal banking details of Malaysians last year. Impersonations against top e-commerce platforms in Vietnam were also used to trick users to send money.

“This trend is fueled by automation of some services, such as automatic dialing and automatic initial message delivery with expected follow-up action that triggers manual human-driven scam operation. We believe this trend will develop further in the future, including production of victim-tailored documents, images, deep fake videos, voice synthesis. It’s possible that there will be a shift back from computer-assisted crime schemes (scams) to pure cybercrime based on complete compromise of digital assets (user accounts, smartphones, personal computers). It is likely we will see the first attempts of such technically-advanced scams in 2022,” Kamluk adds.

More Data Breaches by Unidentified Attackers

With the decrease of targeted ransomware attacks openly exposing stolen data and taking the responsibility for a breach, we will see the rise of stolen data being offered on the black markets. 

Advertisement. Scroll to continue reading.

“In recent years, we observed that in many cases of data breaches the victims were neither able to identify the attackers, nor find out how they got compromised. Although there has always been a challenge to identify the attacker and the source of the breach, the percentage of such cases has increased significantly in the past 2 years reaching over 75% according to our research,” Kamluk explains.

Experts from Kaspersky believe it is not only a symptom of serious challenges that cyber defenders face, but also a motivational factor and a signal for other passive cybercriminals to rush into the field of data theft and illegal trading. 

As a result, we shall observe more stolen databases, internal communications, and personal details stolen from various companies and traded on the black market.

Cryptocurrency and NFT Industry Attacks

By observing the cutting edge attackers with large human resources, such as Lazarus group and its sub-group, BlueNoroff, Kaspersky researchers concluded that we shall expect an even more significant wave of attacks on cryptocurrency businesses. 

Even the growing industry of NFT (non-fungible token) will be targeted by cybercriminals. This is due to the fact that countries in SEA are leading in terms of NFT ownership, with the Philippines topping the list at 32% saying they own such digital assets. 

Advertisement. Scroll to continue reading.

Among the 20 countries surveyed, Thailand (26.2%) ranked second followed closely by Malaysia (23.9%). Vietnam landed on the 5th spot (17.4%) and Singapore was 14th (6.8%).

“From direct attacks on employees of cryptocurrency startups and exchanges through sophisticated social engineering, software exploits, and even fake suppliers to mass attacks via supply-chain software or its components (i.e. third-party code libraries) – we will see an increase of such cases. Additionally, we should see more incidents of NFT property theft in the coming years. Being a totally new area, this will cause a deficit in skilled police investigators that will result in an initial surge of such attacks,” he adds.

In addition, experts from the global cybersecurity company expect that these attacks will not only have an effect on the global cryptocurrency markets but also the share price of individual companies, which will also be monetized by the attackers via stock market illegal insights trading.

Advertisement. Scroll to continue reading.
Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

In rigorous evaluations conducted by prestigious cybersecurity testing organizations, Kaspersky Plus (starting in Q4 2024, Kaspersky Premium), Kaspersky Endpoint Security for Business (KESB), and...

HEADLINES

"Given the Philippines' high exposure to cyber threats, it's important for both individuals and businesses to stay vigilant," said Adrian Hia, Managing Director for...

White Papers

When compared to 2023, Sophos saw a 51% increase in abusing “Living off the Land” binaries or LOLbins; since 2021, it’s increased by 83%.

HEADLINES

Someone illegally acquires or uses personal information such as bank account or credit card numbers of another person to obtain money, goods or services....

HEADLINES

To stay ahead of these challenges, organizations need to invest in AI-driven defenses, transition to quantum-safe encryption, and adopt a Zero Trust approach to...

HEADLINES

There was a 121% Year-on-Year (YoY) increase in identity fraud in 2024 across the region, with significant surges recorded in Singapore (207%), Thailand (206%)...

HEADLINES

As part of RCBC’s 2024 Cybersecurity literacy program, the webinar aims to help Filipinos level up their online banking safety by providing them with...

White Papers

The survey found that CXO’s feel less prepared than their global peers. Less than half or 48% in APAC said they felt completely prepared...

Advertisement