Cyber Attacks Using USB Drive Increase In Southeast Asia

USB illustration (photo: Unsplash)

JAKARTA - Along with the increasing number of businesses focused on online network security, offline removable devices, such as USB drives are also increasing.

In 2024, Kaspersky detected and prevented nearly 50 million malware attacks on devices targeting businesses in Southeast Asia (SEA).

Singapore recorded the highest spike between offline attacks in 2023 and 2024 (88%), followed by Malaysia (47%), Vietnam (25%), Thailand (20%), and the Philippines (16%). Only Indonesia recorded a slight decline in local threats by -3% compared to last year.

Kaspersky explains that usually, cybercriminals use USB drives, external hard drives, or other removable media, to deliver malicious software to the target system.

Unlike traditional cyber attacks that rely on internet connectivity, these attacks exploit the trust users put on physical devices.

"Towards the end of 2024, our experts are uncovering a worrying case where USB drives are safe, developed by a government entity in Southeast Asia to securely store and transfer files in sensitive environments, have been compromised," said Yeo Siang Tiong, General Manager for Southeast Asia in Kaspersky.

The malicious code has been injected into this access management software will allow criminals to steal confidential files from the drive safe partition.

As offline malware attacks continue to develop, Yeo appealed to all businesses and organizations in Southeast Asia to remain vigilant and proactive in their cybersecurity efforts.

"By understanding cyber risks and applying strong defenses, organizations can protect themselves from this growing threat," he added.