Connect with us

Hi, what are you looking for?

HEADLINES

Ransomware targeting SEA SMBs drops in 2020 vs 2019

Among the six SEA countries, only Singapore observed an uptick in the number of ransomware detections. There was a slight increase from 2,275 instances in 2019 that jumped to 3,191 in 2020.

Global cybersecurity company Kaspersky reported a significant decrease in the number of ransomware attempts it has detected and foiled among its small and medium-sized businesses (SMBs) users in the Southeast Asian (SEA) region. 

In its latest Kaspersky Security Network (KSN) report, the company revealed less than one million ransomware attempts (804,513) were monitored in 2020, less than half of 2019’s over 1.9 million detections.

Among the six SEA countries, only Singapore observed an uptick in the number of ransomware detections. There was a slight increase from 2,275 instances in 2019 that jumped to 3,191 in 2020. 

Although Indonesia still ranked fifth globally for the volume of its ransomware detections, its 1,158,837 detections are now down to 439,473. The trend of decreased ransomware incidents was observed across other countries in the region including Vietnam, the Philippines, Malaysia, and Thailand.

China remains at the top spot in terms of ransomware detections globally both for 2019 and 2020. Meanwhile, Brazil and the Russian Federation switched places for the second and third spots, with Brazil now being 2nd globally for 2020. 

Advertisement. Scroll to continue reading.

“I looked at the statistics for individual families, and it follows the overall drop in the number of detections, mainly due to the drop in the number of WannaCry detections. This family makes up a significant share of all detected ransomware, despite the fact that it has not been supported by the creators for more than three years and exists as a ‘zombie’,” said Fedor Sinitsyn, security researcher at Kaspersky.

One of the most persistent cyber threats to SMBs in the region remains to be ransomware, a malware designed to infect computers of organizations and individuals, encrypt the data in it, and block access to it. Ransomware attackers then will demand a fee from the victims in exchange for enabling the system to work again. 

Ransomware attacks may be declining but Kaspersky has been issuing a warning to companies, of all shapes and sizes, against the increasing activities of ‘Ransomware 2.0’ or what’s known as targeted ransomware. 

This cybersecurity “disease” goes beyond kidnapping data. Malicious ransomware groups are now conducting data exfiltration coupled with blackmailing. Using “pressure tactic”, these cybercriminals threaten to publish publicly the data they hold, further increasing the need for the victims to pay the ransom to protect their valued reputation. 

“The decrease of ransomware detections here should not make us complacent. Since last year, we have been underlining the evolution of this threat. Ransomware groups are now more concerned about quality over quantity. Meaning, from blindly throwing a line into the ocean and waiting for an insecure user to bite, attackers are now more aggressive and targeted towards their victims,” comments Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.

Advertisement. Scroll to continue reading.

“A single targeted ransomware group alone managed to breach over 61 companies in the Asia Pacific (APAC) region last year, and with the accelerated digitalization of businesses in the region, we also predict that the sophistication behind attack methods will only increase and become more sophisticated. SMBs and enterprises should seriously look into intelligence-based technologies, both for endpoint protection as well as detection and response,” he adds.

There are different ways to protect your computer and your data from ransomware attacks. Some of Kaspersky’s tips include:

  • Do not expose remote desktop services (such as RDP) to public networks unless absolutely necessary and always use strong passwords for them.
  • Promptly install available patches for commercial VPN solutions providing access for remote employees and acting as gateways in your network.
  • Always keep software updated on all the devices you use to prevent ransomware from exploiting vulnerabilities
  • Focus your defense strategy in detecting lateral movements and data exfiltration to the Internet. Pay a special attention to the outgoing traffic to detect cybercriminals connections. Back up data regularly. Make sure you can quickly access it in an emergency when needed. Use the latest Threat Intelligence information to stay aware of actual TTPs used by threat actors.
  • Use solutions like Kaspersky Endpoint Detection and Response and Kaspersky Managed Detection and Response service which help to identify and stop the attack on early stages, before attackers reach their final goals.
  • To protect the corporate environment, educate your employees. Dedicated training courses can help, such as the ones provided in the Kaspersky Automated Security Awareness Platform.
  • Use a reliable endpoint security solution, such as Kaspersky Endpoint Security for Business that is powered by exploit prevention, behavior detection and a remediation engine that is able to roll back malicious actions. KESB also has self-defense mechanisms which can prevent its removal by cybercriminals.
  • Always have a data backup on a separate external hard drive. 
  • Avoid negotiating with cybercriminals or paying the ransom. 

Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

Located in the Kaspersky office, the new facility will provide the company’s stakeholders with services ranging from an overview of Kaspersky’s practices, to a...

HEADLINES

Smart and Maya emphasize that they never send SMS with links requesting login credentials, personal information, or account verification. If you receive such a...

HEADLINES

In this new scheme, scammers call potential victims claiming that their phone number has been linked to illegal activities. The fraudsters would then extort...

White Papers

With an increase of 9% the industry is one of only three sectors with an increasing attack rate beside healthcare (+7%) and financial services...

HEADLINES

In August alone, PLDT and Smart’s Cyber Security Operations Group (CSOG) blocked access to more than 400,000 URLs that host child sexual abuse and...

White Papers

The survey reveals a crucial opportunity for mobile brands in the Philippines to stand out by prioritizing mobile app security and creating a better...

HEADLINES

Kaspersky’s solutions recorded Necro attacks targeting users in Russia, Brazil, Vietnam, Ecuador, and Mexico as part of this malicious campaign.

HEADLINES

Kaspersky’s report was recognized in the ARC Awards category “Sustainability Report: Americas & Europe (PDF Version of Annual Report),” which acknowledges winners for the...

Advertisement