Enterprises in Southeast Asia (SEA) continue to face a wave of ransomware attacks that increased sharply in 2024. According to the latest report from Kaspersky, over the past year, the region has recorded an average of 400 cyber blackmail attacks per day.
X-ray, as the name suggests, is a type of malware designed to lock access to the system or encrypt data, forcing victims to pay a fee to regain control. This form of attack is not only targeting individuals but is also increasingly popular in the business environment.
As of January to December 2024, Kaspersky's enterprise security solutions detected and blocked a total of 135,274 ransomware attacks targeting organizations in Southeast Asia.
Enterprises in Indonesia recorded the highest number of ransomware attacks in the region with 57,554 attacks. Followed by Vietnam (29,282) and the Philippines (21,629).
Notably, Malaysia saw a spike in the number of ransomware attacks, up 153% year-on-year, from 4,982 in 2023 to 12,643 in 2024, according to Kaspersky statistics.
In 2024, Southeast Asia witnessed many serious ransomware attacks, targeting key targets such as national data centers, postal service providers, government portals for foreign workers and the retail industry.
With the increasingly sophisticated ransomware attack wave, it shows the cybercriminals deep understanding of cyber infrastructure is increasing, said Adrian Hia, CEO of Asia-Pacific.
That is the wake-up call for the urgency of building a solid cybersecurity system, in the context of cybercriminal groups constantly improving their cyber attack techniques and exploiting even the most seemingly familiar vulnerabilities, Mr. Hia emphasized.
According to recommendations from cybersecurity experts, to minimize the risks of ransomware attacks, individuals and businesses need to prioritize and implement the following cybersecurity measures:
- Equip yourself with powerful and optimally configured security solutions for the system.
- Proactively track and detect threats through cybersecurity solutions such as Managed detection and response (MDR).
- turn off unused gates and services to reduce the attack surface and limit weaknesses in the system.
- Regularly conduct security checks, assessments and periodic vulnerability scans to quickly identify, handle and overcome security weaknesses.
- Organize comprehensive cybersecurity training courses for employees to raise awareness of online threats and equip them with the best cybersecurity precautions.
- Establish and maintain a regular backup of important data, while periodically checking recovery capabilities.
- Use Threat Intelligence to track the latest tactics, techniques and processes (TTPs) used by cybercriminal groups, thereby adjusting the network threat detection mechanism accordingly.
- Carefully monitor newly installed or active software on the system, including legitimate software.
