Majority Of Business Executives In Southeast Asia Worried About Data Theft, APT, And Ransomware Attacks

Data theft is the most worrying threat in Southeast Asia (photo: Kaspersky)

JAKARTA - With news reports highlighting the damage to businesses and the country as a whole from cyberattacks, a recent Kaspersky study reveals the growing awareness of business executives in Southeast Asia (SEA) about the sophisticated risks of cyberspace.

Data theft, alongside Advanced Persistent Threat (APT) attacks and ransomware infections, is high on their list of concerns.

The study titled “How business executives perceive ransomware threat” surveyed a total of 900 non-IT senior management (such as CEO, VP, and Director level) and business owners or partners in companies with 50–1000 employees. Conducted last April, the study was conducted globally with 100 executives from Southeast Asia.

When asked to rate the likelihood of different types of cybersecurity incidents, data theft, also known as data breaches, was the threat most worried by respondents from Southeast Asia (77%). This was followed by APT attacks (75%), and ransomware attacks (73%).

APT attacks use advanced, covert and advanced hacking techniques to gain access to a system and stay in it for a long time, with the potential for significant damage.

Because of the level of effort required to carry out such attacks, APTs typically target high-value targets, such as countries, nations and large corporations, with the ultimate goal of stealing information over a long period of time.

Ransomware, as the name suggests, is malicious software designed to block access to a computer system or encrypt its data until a certain amount of money (ransom) is paid. These attacks have been carried out against individuals or companies.

Anticipation for these three types of destructive attacks is higher among business leaders based in Southeast Asia than the global average by a margin of more or less double digits.

However, the same study revealed that although the majority of respondents anticipated a ransomware attack, nearly 7 out of every 10 (65%) of them believed that “the chances of my organization being hit by a ransomware attack are too small to be a cause for concern”.

The majority (81%) of non-IT executives surveyed in Southeast Asia also believe that their security measures are sufficient to protect them from ransomware attempts.

“It's good to see that business executives in Southeast Asia are confident in their security posture to defend their organizations against destructive online attacks like ransomware,” said Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.

However, further, Yeo said that we must remain careful not to let self-confidence breed complacency because the reality is that a ransomware attack is not something too small for companies to worry about.

By 2020, at least 61 entities from the Southeast Asia region had fallen victim to targeted ransomware groups including companies from light industries including clothing, shoe, furniture, consumer electronics, and home appliance manufacture; public services, media and technology, heavy industry, oil, mining, shipbuilding, steel, chemicals, machinery manufacturing; finance, and logistics.

Notable ransomware groups monitored by Kaspersky experts include REvil, LockBit, Conti, and many more.