CFOtech Asia logo
Technology news for Asia's CFOs and financial decision-makers
Story image

Majority of execs in SEA anticipate ransomware attacks

The majority of business executives in South East Asia anticipate data theft, APT, and ransomware attacks, according to a new study from Kaspersky.

With the many news reports highlighting the damages of cyberattacks against businesses and countries as a whole, Kaspersky's fresh study revealed the heightened awareness of business executives in Southeast Asia about the sophisticated risks online. Data theft, alongside Advanced Persistent Threat (APT) attacks and ransomware infections, are the highest on their list of concerns.

The study, titled How business executives perceive ransomware threat, surveyed a total of 900 senior non-IT management (such as CEOs, VP, and Director level) and business owners or partners at companies with 501000 employees. Conducted last April, the study was done globally with 100 executives from SEA.

When asked to assess the possibility of different types of cybersecurity incidents, data theft, also known as data breach, is the threat that the respondents from SEA are most concerned about (77%). This does not come as a surprise as news about data breaches across the region were being reported almost regularly with wide victimology from e-commerce companies, digital services provider, hotel chains, insurance and health companies, and even government agencies.

Data theft the illegal transfer or storage of personal, confidential, or financial information is closely followed by an APT attack (75%), and a ransomware attack (73%).

An APT attack uses continuous, clandestine, and sophisticated hacking techniques to gain access to a system and remain inside for a prolonged period of time, with potentially destructive consequences. Because of the level of effort needed to carry out such an attack, APTs are usually leveled at high-value targets, such as nation states and large corporations, with the ultimate goal of stealing information over a long period of time.

Ransomware, as the name suggests, is malicious software designed to block access to a computer system or encrypt its data until a sum of money (a ransom) is paid. These attacks have been carried out on individuals or corporations.

The anticipation for these three damaging attacks is higher among SEA-based business leaders as compared to the global average by more or less double-digit margins.

However, the same study revealed that while the majority of the respondents anticipate a ransomware attack, almost 7 in every 10 (65%) of them believe that the possibility of my organization being exposed to a ransomware attack is too small to worry about.

A majority (81%) of the surveyed non-IT executives in SEA also trust that the security measures they have in place are enough to protect them from a ransomware attempt.

"At first glance, it is good to see that the business executives here are confident about their security posture to defend their organisations against damaging online attacks such as ransomware," says Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.

"We should, however, be careful about not letting confidence breed complacency because the reality is a ransomware attack is not something too small for enterprises to be worried about," he says.

"Even though 72% of our respondents from SEA believe that ransomware attacks are being shown as a bigger threat than they actually are by the media, this type of threat is actually evolving and is transforming into a bigger menace that our security systems and IT staffs should be ready for."

Since 2020, Kaspersky experts have been warning about Ransomware 2.0. Almost always a targeted ransomware, Ransomware 2.0 refers to cybercriminal groups who moved from hostaging data to exfiltrating data coupled with blackmailing. The aftermaths of a successful attack include significant monetary loss and damaging reputation loss.

This type of attack goes beyond kidnapping a company's or an organizations data. These groups are utilising the increasingly valued digital reputation to force their prey to pay a hefty ransom.

As of 2020, at least 61 entities from the region were breached by targeted ransomware groups including companies from light industry including the manufacturing of clothes, shoes, furniture, consumer electronics and home appliances; public service, media and Technology, heavy industry including oil, mining, shipbuilding, steel, chemicals, machinery manufacturing; finance, and logistics.

The infamous ransomware groups Kaspersky experts closely monitor include REvil, LockBit, Conti, and more.

To help organisations protect their systems from ransomware and other sophisticated attacks, Kaspersky experts recommend the following:

  • Always keep up-to-date copies of your files so you can replace them in case they are lost (e.g. due to malware or a broken device). These should be stored not only on a physical device but also in cloud storage for greater reliability. Make sure you can quickly access your backups in the event of an emergency.
  • Keep your OS and software patched and up to date.
  • Train all employees on cybersecurity best practices while they work remotely.
  • Only use secure technologies for remote connection.
  • Carry out a security assessment on your network.
  • Enterprise companies are recommended to use anti-APT and EDR solutions, enabling capabilities for advanced threat discovery and detection, investigation and timely remediation of incidents, as well as to have access to the latest threat intelligence. An MDR provider could help to effectively hunt any advanced ransomware attack. All of the above is available within Kaspersky Expert Security.
  • Follow the latest trends via premium threat intelligence subscriptions, like Kaspersky APT Intelligence Service.
  • Know your enemy: identify new undetected malware on premises with Kaspersky Threat Attribution Engine.
  • If you become a victim, never pay the ransom. It wont guarantee you get your data back but will encourage criminals to continue their business. Instead, report the incident to your local law enforcement agency. Try to find a decryptor on the internet you can find some of these available at nomoreransom.org.
  • Never follow demands of the criminals. Do not fight alone - contact Law Enforcement, CERT, security vendors like Kaspersky. 
     
Related stories
Top stories
Story image
Confluent
Confluent reimagines data pipelines with Stream Designer
It will accelerate the shift to real-time with the industry's 1st visual interface for building, testing, and deploying data pipelines natively on Apache Kafka.
Story image
Sustainable IT
WQR: 72% orgs link quality engineering to sustainable IT
The report also highlights that 85% of organisations consider quality engineering pivotal in implementing emerging technologies into real-world use cases.
Story image
IT Automation
Intel hits key milestone in quantum chip production research
Intel demonstrates exceptional yield of quantum dot arrays, showing promise for large-scale qubit production using transistor fabrication technology.
Story image
Digital Transformation
Equinix invests in Indonesia with a $74m data centre
The centre will be strategically located near the largest internet exchanges to meet the country’s growing digital needs.
Story image
Cybersecurity
APAC orgs embracing Zero Trust Security, reveals Okta
Zero Trust Security helps organisations thrive in the era of hybrid work and increasingly sophisticated cyber threats.
Story image
Fintech
New report highlights opportunities and challenges of Super Apps for banking sector
"Staying ahead of the game means predicting where tomorrow will take us, as well as recognising where things currently stand."
Story image
Distributed Denial of Service
Sysdig reveals a loss of $53 for every $1 cryptojackers gain
The 2022 Sysdig Cloud Native Threat Report breaks down supply chain attacks against containers and how geopolitical conflict influences attacker behaviours.
Story image
Sustainable IT
Equinix commits US$50 million to advance digital inclusion
Establishes the Equinix Foundation, an employee-driven charitable organisation, to advance digital inclusion through grants and strategic partnerships.
Story image
Work from home
Jamf showcases new products to simplify and secure work
At the 13th annual Jamf Nation User Conference, the company shared how its continuous product innovation is helping organisations succeed with Apple.
Story image
Observability
Gigamon named leading vendor in deep observability market
650 Group has published a report, recognising Gigamon as the leading vendor in the deep observability market for 2022.
Story image
Cloud
HashiCorp research shows organisations benefit from multi-cloud strategies
The survey highlighted the need for organisations to centralise and automate cloud efforts via platform teams in order to increase operational efficiency.
Story image
Legacy
Trellix enables greater cyber resiliency with extended XDR platform
"Legacy SIEM technology has failed to modernise security operations. We are confident Trellix XDR fills this critical gap.”
Story image
Microsoft
UiPath and Microsoft partner to empower best-in-class automation
"Together, we are helping customers realise and achieve the business value of automation at scale. We are excited to deliver substantial, integrated cloud offerings.”
Story image
Cloud
IBM releases Transformation Index to assist cloud innovation
IBM has released its Transformation Index: State of Cloud, commissioned by the company and conducted by an independent research firm.
Story image
Ransomware
Commonwealth tackling rising cybercrime threat in Asia
Ransomware, identity theft, and virtual security attacks identified as growing threats to security and economic growth.
Story image
Customer Relationship Management
NetSuite introduces CPQ to help organisations simplify sales process
NetSuite CPQ is the only native configure, price and quote solution built on the NetSuite platform. It works with NetSuite ERP, CRM, and eCommerce solutions
Story image
Virtual Private Network
BT enhances global Cardway portfolio with Mako Networks
BT has announced a significant enhancement to its Cardway portfolio of payment solutions following the signing of a global agreement with Mako Networks.
Story image
Amazon Web Services
Infor named Leader in 2022 Gartner Magic Quadrant for Cloud ERP
For the second consecutive time, Infor has been positioned as a Leader in the 2022 Gartner Magic Quadrant for Cloud ERP for Product-Centric Enterprises.
Story image
eCommerce
New FedEx report reveals biggest trends in eCommerce
The report shows that SMEs and consumers agree that there's room for further growth in the already booming eCommerce sector.
Story image
Digital Transformation
How businesses can stay connected with their clients in a digital environment
Staying connected in a virtual world requires strong communication and collaboration, especially with many workplaces adopting a work-from-anywhere business model.
Story image
Workflow Automation
NetSuite announces SuitePeople Workforce Management
Oracle NetSuite has announced NetSuite SuitePeople Workforce Management, a solution created to help organisations manage labour costs and profitability.
Story image
Cloud
Workday expands skills cloud and announces new HCM customer
Workday has expanded its skills cloud service and has also announced that Busy Bees Learning has selected the company's HCM solution as part of an overall HR transformation. 
Story image
IT Automation
Tech job moves - Adobe, Ambit, blueAPACHE, Cue & DC Blox
We round up all job appointments from September 26-,30 2022, in one place to keep you updated with the latest from across the tech industries.
Story image
IT infrastructure
Kyndryl launches open solution, powered by co-creation
Kyndryl Vital is led by global teams of designers who work alongside customers and partners to define and solve complex problems with innovation.
Story image
Oracle NetSuite
NetSuite Launches Ship Central to improve warehouse operations
NetSuite WMS and Ship Central offer warehouse operations across SKUs, processes, and locations. NetSuite WMS eliminates manual processes
Story image
Artificial Intelligence
Fortinet advances AIOps to aid the hybrid workforce
"We’re continuing our commitment to AI innovation by delivering AIOps capabilities across our robust portfolio of enterprise networking technology."
Story image
Sustainable IT
Adobe surveys sustainability at work in Hong Kong employees
The top three sustainability practices are reducing paper usage (46%), digital document storage and management (43%), and curbing electricity consumption (37%).
Story image
Cloud
MYOB provides efficiency boost with new inventory solution
Premium Inventory is an integrated solution that helps goods-based businesses improve efficiency, reduce costs and increase cashflow.
Story image
Revenue management
BillingPlatform improves offerings to foster customer revenue growth
BillingPlatform has enhanced its platform and products with a focus on helping customers drive revenue growth through improved CPQ functionality, new B2B digital commerce capabilities and expanding its payment integrations to include Stripe, Stax Payments and Adyen.
Story image
Data analytics
COVID-19 relief innovation takes 2022 SAS Hackathon crown
In COVID-19’s wake, more than 287,000 MSMEs joined JakPreneur, a collaborative government platform that links entrepreneurs and stakeholders
Story image
IT in Manufacturing
Five ways manufacturers can benefit from a purpose-built ERP
As the manufacturing world rapidly evolves to meet new challenges, many organisations are working to define a new roadmap to success.
Story image
Malware
OpenText reveals nastiest malware of 2022, with Emotet at the top
OpenText threat intelligence experts combed through the data, analysed different behaviours, and determined which malicious payloads are the nastiest.
Story image
Software-as-a-Service
Intel accelerates innovation with software-first approach
Intel introduced new services and tools in AI, security and quantum computing to help developers reduce time-to-market and increase performance and security.
Story image
DevOps
Disparate data causing headaches for A/NZ businesses
Gone are the days when developers could get away with merely producing code. Many are now expected to be accountable for their code, which should be ‘clean’, right up to deployment.
Story image
Tax
BlackLine adds tax hyperautomation capabilities to its solutions
The extension to BlackLine's intercompany solutions comes in response to organisations facing increasing intercompany tax scrutiny globally.
Story image
Cybersecurity
Swift successfully pilots its Securities View capability
The new capability significantly increases transparency in post-trade processing while preventing costly settlement fails; it will be widely available in 2023.
Story image
Subscriptions
Denodo targets mid-market with new subscription models
These new subscriptions will help mid-market companies to streamline data integration and accelerate speed to insights.
Story image
Digital Transformation
NEC Corporation and Red Hat expand global collaboration
NEC Corporation and Red Hat have announced an expanded global collaboration to drive IT modernisation and digital transformation on Red Hat OpenShift.
Story image
Cybersecurity
Best practices for industrial cyber resilience
Operational technology (OT) security is gaining more attention than ever before, but sufficient understanding of what it takes to prevent breaches is still lacking amongst many organisations.
Story image
Artificial Intelligence
Exclusive: Uniphore shares how Conversational AI can be the key to business success
Conversational AI and Automation are vital tools to help further promote organisational cohesion and communication, and Uniphore is leading the charge.
Story image
Network Management
Data is growing at breakneck speed, but are we optimising its value?
Data lies at the heart of digital transformation, as every digital touchpoint translates to a data point. In this digital-first world, data is being created everywhere today – at breakneck speeds.