sb-nz logo
Story image

APAC is now a 'honeypot' for cyber attacks as most targeted region in the world

16 Mar 2017

Trend Micro’s latest report says that Asia Pacific region was something of a giant honeypot for cyber attacks last year, topping out other parts of the world and complementing a ‘record’ year for extortion, the company says.

The 2016 Global Roundup Report showed that business email compromise (BEC) scams and vulnerbilities in SCADA systems were both trending upwards.

“It is hardly surprising that enterprises today are facing a surge of known and unknown threats. Known threats are growing – globally, we blocked over 80 billion attacks attempting to cause havoc in 2016 alone. On top of dealing with those, the industry is increasingly combatting unknown threats that are appearing at the rate of 500,000 per day.” says Trend Micro’s Asia Pacific managing director Dhanya Thakkar.

Overall, Trend Micro blocked 435,709 exploit kits in APAC in Q4 alone - the highest of all global regions. RIG accounted for 307,000; Magnitude accounted for 106,000 and Sundown accounted for 12,000. Trend Micro says they are able to take advantage of unpatched vulnerabilities and zero-days, 18% were also used to deliver ransomware.

 There were also 317,833 detections of online banking malware in APAC - three times the amount found in North America, and six times more than in Latin America. ATMs using Windows XP were popular targets. Banking trojans and skimmers were also popular.

APAC was also hit hardest by ransomware attacks, with 27% of attacks on enterprises and individuals. This is compared to 25% in EMEA and 22% in Latin America. With ransomware attacks surging 752%, the threats are hauling in US$1 billion in ransoms.

“In 2017, open source ransomware and ransomware-as-a-service (RaaS) will continue to make stealthy extortions accessible for cybercriminals running their own ransomware operations. Given that, enterprises in the region are advised to deploy multi-layered security solutions incorporating machine learning capabilities to counter ransomware infections,” Trend Micro says.

 BEC scams across APAC gained ground particularly in Hong Kong, Japan and India. They are three of the 92 countries affected. 

Meanwhile, the Mirai botnet has claimed an estimated 100,000 compromised connected devices. Trend Micro says the attacks on IoT devices and distributed denial-of-service (DDoS) attacks are still growing.

“The onslaught of mixed attacks emphasizes the importance of strengthening one’s cybersecurity posture and adopting a cross-generational security approach capable of handling both the influx of known attacks and the rise of unknown threats designed to evade the conventional security software,” Thakkar concludes. 

Story image
Attivo Networks expands Active Directory suite for greater protection
"We see Active Directory exploitation used in the majority of ransomware, insider and advanced attacks. We are pleased to now offer our customers early and efficient solutions for preventing the misuse of Active Directory.”More
Story image
Mobile devices biggest enterprise security threat - report
Businesses have left themselves vulnerable and open to cyber criminals in the rush to ensure their workforce could operate remotely during the Covid-19 pandemic.More
Story image
Thycotic releases new integrations to bolster account governance
“Service accounts are often left defenceless, even by enterprises with established programs for privileged user security."More
Story image
Over half of ransomware victims pay up - but does it work?
"Handing over money doesn’t guarantee the return of data, and only encourages cybercriminals to continue the practice."More
Story image
Enterprises underutilising security tools, causing teams to burn out
The report unveiled a lack of meaningful ROI metrics when reporting on security progress, as well as disparate opinions on objectives, tool effectiveness and security awareness amongst the organisation between executives and operations on security teams.More
Story image
Why a more secure organisation is a collective responsibility
With vast volumes of data moving to the cloud, many IT professionals are frequently challenged to protect their enterprise environment, and there is a greater focus being placed on advancing cybersecurity strategies.More