Drop in ransomware targeting Thai, other Southeast Asian businesses
Global cybersecurity company Kaspersky reported a significant decrease in the number of ransomware attempts it has detected and foiled among its small and medium-sized business (SMBs) users in Southeast Asia (SEA).
In its latest Kaspersky Security Network (KSN) report, the company revealed less than one million ransomware attempts (804,513) were monitored in 2020, less than half of 2019’s over 1.9 million detections.
Among the six SEA countries, only Singapore observed an uptick in the number of ransomware detections.
There was a slight increase from 2,275 instances in 2019 that jumped to 3,191 in 2020.
Although Indonesia still ranked fifth globally for the volume of its ransomware detections, its 1,158,837 detections are now down to 439,473.
The trend of decreased ransomware incidents was observed across other countries in the region including Thailand, Vietnam, the Philippines and Malaysia.
China remains at the top spot in terms of ransomware detections globally both for 2019 and 2020. Meanwhile, Brazil and Russia switched places for the second and third spots, with Brazil being second globally in 2020.
“I looked at the statistics for individual families and it follows the overall decrease in the number of detections, mainly due to the drop in the number of WannaCry detections. This family makes up a significant share of all detected ransomware, despite the fact that it has not been supported by the creators for more than three years and exists as a ‘zombie’,” Kaspersky security researcher Fedor Sinitsyn said.
One of the most persistent cyber threats to SMBs in the region remains ransomware, a malware designed to infect computers, encrypt data and block access to them.
Ransomware attackers then demand a fee from the victims in exchange for enabling the system to work again.
Such attacks may be declining but Kaspersky has been issuing a warning to companies big and small against the increasing activities of Ransomware 2.0, or what’s known as targeted ransomware.
This cybersecurity “disease” goes beyond "kidnapping" data. Malicious ransomware groups are now conducting data exfiltration coupled with blackmailing.
Using pressure tactics, these cybercriminals threaten to publish the data they hold, further increasing the need for victims to pay ransom to protect their valued reputation.