Ransomware attacks likely to rise this year, Kaspersky warns
EXTENDED detection and response (XDR) solutions can help protect users against cyberattacks, as attempts to steal data via ransomware are expected to increase this year, cybersecurity company Kaspersky said.
Cybersecurity experts, speaking at a Feb. 28 event held by Kaspersky, recommended XDR solutions for improved visibility, better protection, and faster response time for such attacks.
XDR solutions don鈥檛 only deal with known malware, but also the grey area of lesser-known and unknown threats, according to Victor Chu, Kaspersky鈥檚 head of systems engineering of Southeast Asia for enterprise cybersecurity.
He added that these solutions correlate data at all layers and across all components of a company鈥 information technology infrastructure while using analytics to detect and analyze possible threats.
Mr. Chu said ransomware attacks have become more sophisticated. Its current iteration, Ransomware 3.0, inflicts wider financial and reputational damage among companies by also alerting their stakeholders, their customers, and the press about the cyberattack to force these firms to pay the ransom.
鈥淭riple extortion is what targeted attacks are all about,鈥 he said.
He said attackers shame companies and then sell their data to cybercriminals if they do not pay up.
A 2022 study by Kaspersky found that almost all (82.1%) business executives in Southeast Asia opt to pay the ransom demanded by these cybercriminals. Almost half (47.8%) also said they paid the ransom as soon as possible in exchange for immediate access to their business data.
鈥淲e highlight ransomware because it鈥檚 becoming very entrepreneurial,鈥 said Yeo Siang Tiong, Kaspersky鈥檚 general manager for Southeast Asia, noting that ransomware-as-a-service has become prevalent.
He cited as an example a ransomware-as-a-service provider called Lockbit, which employs targeted attacks against enterprises and other organizations. Among its known victims are an IT service provider, a private school in Malaysia, and a food manufacturer in Singapore.
鈥淢alicious actors, like the Lockbit ransomware group, invest considerable time in up-front intelligence gathering to determine who they will target, how they will target them, and the optimal timing of their attack. Modern targeted ransomware groups are set to disrupt more enterprises in Southeast Asia if we are not equipped enough to nip them in the bud,鈥 Mr. Tiong said.
鈥淟ots of organizations are running from behind,鈥 he added, but noted 鈥渢here is always a solution for everyone.鈥
A total of 304,904 ransomware attacks targeting businesses in Southeast Asia in 2022 were blocked by Kaspersky鈥檚 business solutions, the company said.
Indonesia recorded the highest number of incidents foiled by Kaspersky鈥檚 business-to-business solutions (131,779), followed by Thailand (82,438), Vietnam (57,389), the Philippines (21,076), Malaysia (11,750), and Singapore (472). 鈥 Patricia B. Mirasol
