APAC Region. PHOTO: Cybercrime Magazine.

Asia-Pac Region Combats Ransomware And Cyber Espionage

81 percent of companies suffered a cyberattack last year

David Braue

Melbourne, Australia – Apr. 2, 2021

With billions of citizens and a significant share of the world’s economic activity, the Asia-Pacific region is a hotbed of innovation. Yet for all its benefits, that high-growth, fast-paced business activity has put the region’s companies on the front line of cybersecurity compromise this year as a ransomware explosion compounds the already significant baseline of cyber compromise.

Fully 81 percent of companies in a recent Trend Micro study said they had suffered a cyberattack during 2020 — with 18 percent hit seven or more times throughout the year and 76 percent expecting that they will be hit by a cyberattack this year.

The figures reflect a “significant increase in cyber risk” during 2020, the company said, noting that respondents flagged ransomware as the top cybersecurity risk — with man-in-the-middle attacks, clickjacking, phishing and social engineering, and botnets filling out the top five.

Key concerns from cybersecurity compromise included the impact on customer turnover, stolen or damaged equipment, lost trade secrets and other intellectual property, disruption or damage to critical infrastructure, and a decline in productivity.

The robust economies of financial centers like Hong Kong, Singapore and Sydney have made them particular targets for financially motivated cybercriminal campaigns, with “double-extortion” ransomware — in which criminals not only lock data and demand a ransom for its release, but exfiltrate data and threaten to publish it on the dark web if the ransom isn’t paid.

Double-extortion ransomware has become a major new threat globally — as evidenced in countries like Australia, where a reported two-thirds of companies suffered a ransomware attack last year and the rate of ransomware attacks is well above global averages.

Last year saw the publication of data from ransomware-hit Australian companies like major manufacturer Bluescope Steel and logistics giant Toll Group, and the attacks are expected to continue being a significant problem everywhere this year.

Yet such tactics could potentially take on a different tenor in the APAC region, where a massive industrial manufacturing complex already traffics heavily in sensitive design, R&D and other data.

The high density of manufacturing and industrial secrets has lent a particular flavor to cybercriminal activity, with Verizon’s recent Cyber-Espionage Report finding that cyber-espionage breaches were far more common in the Asia-Pacific region — accounting for 42 percent of such breaches globally — than in Europe (34 percent) and North America (23 percent).

Government and manufacturing organizations are most frequently targeted “by a large margin,” the firm found, with cyber-espionage breaches often running as low-and-slow campaigns targeting data that is “some of the most important in terms of secrecy, sensitivity, and business criticality.”

Fully 85 percent of such cyber incidents were by state-affiliated cyber attackers, Verizon said, with 69 percent of breached victims taking months or years to discover what had happened.

Nearly every analysis of 2020’s COVID-augmented cybercriminal landscape has predicted more of the same for APAC businesses this year, with the massive success of ransomware making it the go-to attack for cybercriminals but — in the context of intense economic and political competition amongst the region’s countries — targeted nation-state attacks also a particular part of the landscape.

Chinese, North Korean, and Russian-affiliated hacking groups are routinely attached to successful cybersecurity attacks in the region — a point that has not been lost on national cybersecurity agencies in countries like Malaysia, which recently approved a five-year cybersecurity strategy, and Australia, which in recent years has been formalizing its cybersecurity defense structures to reflect rapidly changing regional dynamics.

Reflecting its role as a regional economic and political arbiter, Australia last year updated its own strategy with a significant funding commitment and a more aggressive stance that allows law-enforcement bodies to conduct proactive cyber campaigns and, more recently, to proactively delve into dark web sites to disrupt cybercriminal activity.

Countries like Indonesia aren’t far behind, with Nur Achmadi Salmawan — director of the country’s National Cyber and Crypto Agency — recently telling a Kaspersky online forum that it was finalizing a national cybersecurity strategy (Indonesian or translated) that would address physical, logical, and social layers.

Threats at each layer were presenting their own challenges for 2021, he said, flagging the importance of a “quad helix” of stakeholders — including government, businesses, academic, and the public — in working together to protect the country’s interests.

“In our country, social media becomes the weapon for some people or organizations to manipulate information to lead opinion for their own interests,” he said. “We have to utilize all potential components in our nation to overcome the threat that we have to face.”

– David Braue is an award-winning technology writer based in Melbourne, Australia.

Go here to read all of David’s Cybercrime Magazine articles.