JAKARTA - Kaspersky's new study shows that data theft, alongside Advanced Persistent Threat (APT) attacks and ransomware infections, is high on the list of concerns for business executives in Southeast Asia (SEA).
When asked to rate the likelihood of different types of cybersecurity incidents, data theft, also known as data breaches, was the threat most worried by respondents from Southeast Asia (77%). This was followed by APT attacks (75%), and ransomware attacks (73%).
Since 2020, Kaspersky experts have been warning about “Ransomware 2.0”. Almost always “targeted ransomware” or Ransomware 2.0 refers to a group of cybercriminals moving from data hostage to data exfiltration coupled with extortion.
By 2020, at least 61 entities from the Southeast Asia region had fallen victim to targeted ransomware groups including companies from light industries including clothing, shoe, furniture, consumer electronics, and home appliance manufacture; public services, media and technology, heavy industry including oil, mining, shipbuilding, steel, chemicals, machinery manufacturing; finance, and logistics.
Notable ransomware groups monitored by Kaspersky experts include REvil, Lock Bit, Conti, and many more.
To help organizations protect their systems against ransomware and other sophisticated attacks, Kaspersky experts recommend the following:
Always update copies of files so that you can replace them if they are lost (eg due to malware or a faulty device). It should be stored not only on physical devices but also on cloud storage for greater reliability. Make sure you can quickly access your backups in case of an emergency. Keep your OS and software up to date. Train all employees on cybersecurity best practices as they work remotely. Only use secure technology for remote connections. Perform a security assessment on your network. Mid-level companies are advised to use anti-APT and EDR solutions, which enable capabilities for advanced threat discovery and detection, timely incident investigation and repair, and have access to the latest threat intelligence. MDR providers can help hunt down advanced ransomware attacks effectively. Know your enemies: identify new, undetected malware. If you become a victim, never pay the ransom. This will not guarantee you get your data back but will encourage cybercriminals to continue their business. Instead, report the incident to your local law enforcement agency. Try to look for a decryptor on the internet you can find it at numberseransom.org. Never follow the demands of cybercriminals. Don't fight alone, contact Law Enforcement, CERT, security vendors like Kaspersky.The English, Chinese, Japanese, Arabic, and French versions are automatically generated by the AI. So there may still be inaccuracies in translating, please always see Indonesian as our main language. (system supported by DigitalSiber.id)