Ransomware Continues to Pummel Organisations in Southeast Asia

Due to growing digital economy, geographical location and resources as regional hubs for finance and technology, and varying levels of cybersecurity infrastructure, Kaspersky has found that the region remains a hotspot for ransomware attacks. Large organisations and SMEs continue to be targeted by cybercriminals

“In general, cybercriminals, including ransomware groups, are eyeing critical infrastructure and vulnerable sectors such as financial, public services, manufacturing and healthcare. Essentially, they are opportunists that are after targets big on cash,” says Adrian Hia, Managing Director for Asia Pacific at Kaspersky.

Ransomware targeting businesses in SEA was highest in Indonesia with 32,803 incidents blocked by Kaspersky. Following behind is the Philippines with 15,208 ransomware attacks and Thailand with 4,841 cases. Malaysia came fourth with 3,920 malicious attacks, followed by Vietnam with 692, and Singapore with 107.

Businesses Are Hot Targets

“The impact of a ransomware attack can be very devastating, financially and reputationally. Not only organisations require high levels of resources to address the aftermath, they also face the consequences of operation disruptions and downtime, followed by recovery time. These are not options, especially for critical infrastructure and service providers,” adds Hia.

Recent high-profile incidents that include Indonesia National Data Centre, Malaysia public transport operator and local health pharmacy chain, Philippines health insurance provider, Singapore famous restaurant group, and major brokerage firm and gasoline service company in Vietnam are evidence of the malicious threat that is persistently attacking businesses in the region.

“While there are growing global efforts to combat ransomware such No More Ransom initiative, of which Kaspersky is a part of for the eighth consecutive year, and some governments in the SEA region have enacted cybersecurity laws while others are working towards the same, it can never be reiterated enough that companies and organisations also have their parts to play to bolster cybersecurity defence,” adds Hia.

Kaspersky’s Recommendations vs. Ransomware

To protect your business from ransomware attacks, Kaspersky’s experts recommend the following:

1.  Always keep software updated on all the devices to prevent attackers from exploiting vulnerabilities and infiltrating organisation’s network.
2. Promptly install available patches for commercial VPN solutions providing access for remote employees and acting as gateways in your network.
3. Back up data regularly and ensuring they can be accessed quickly when needed or in an emergency.
4. Avoid downloading and installing pirated software or software from unknown/unverified sources.
5. Assess and audit your supply chain and managed services access to your environment. Kaspersky offers compromise assessment services.
6. Do not expose remote desktop/management services (such as RDP, MSSQL, etc.) to public networks unless absolutely necessary and always use strong passwords, two-factor authentication and firewall rules for them.