Cyber threats surge in APAC region, reveals Group-IB report
The global cybersecurity leader, Group-IB, has recently divulged its detailed Hi-Tech Crime Trends 23/24 report, exposing the ever-changing landscape of cyber threats across the Asia-Pacific (APAC) region. The report shows a sharp upswing in ransomware attacks, amplified data leakages, and a shift in focus to the APAC by advanced and sophisticated threat actors.
The research contains alarming statistics: a 39% surge in ransomware attacks in the APAC, predominantly impacting the manufacturing and real estate sectors; an escalation in the threat landscape in Thailand with a 28% increase from 29 to 37 victims traced on Data Leak Sites (DLSs); a significant 34% of global attacks were focused on APAC organisations, partially attributed to its superior financial technology and geopolitical tensions; and an inaugural Trojan for iOS, GoldPickaxe.iOS, suggesting advanced threat actors are increasingly targeting Apple's operating system.
Moreover, Group-IB reported 338 new cases of data leakage in APAC and over 412 million user data strings compromised, with India, Indonesia, and Thailand being hit the hardest. There was also a noticeable increase in the number of infected hosts in APAC listed on Underground Clouds of Logs (UCLs) - a primary source of data for infected hosts - with a 23% rise to almost 400,000.
The APAC region has emerged as a prime target for Advanced Persistent Threats (APTs), predominantly due to its technology advancement and geopolitical tensions. In fact, two previously unidentified APT groups, Dark Pink and Lotus Bane, targeted the broader APAC region and Vietnam, respectively.
Significantly, Australia was amongst the nations reporting the highest number of ransomware and compromised card incidents, with over 225,910 detected over the year. This corresponded to a 39% escalation in ransomware attacks in APAC, predominantly impacting manufacturing and real estate companies.>
The report further revealed that specifically Australia and India remained the most targeted nations by Ransomware-as-a-Service (RaaS) affiliates. Another worrisome discovery was the impact of information stealers resulting in over 399,682 devices in APAC being infected and their logs made accessible on Underground Clouds of Logs (UCL).
Group-IB experts purported that Advanced Persistent Threats (APTs) could be attributed to 523 attacks on global organisations, out of which a significant 34% were on APAC organisations. The data suggested that the high level of financial technology development and geopolitical tensions in the APAC region made it a lucrative target.
In the evolving threat landscape, two previously unknown APT groups were discovered - Dark Pink, targeting the broader APAC and Europe, and Lotus Bane, focused predominantly on Vietnam. Evermore intriguing was the discovery of the first iOS Trojan harvesting biometric data, GoldPickaxe.iOS, foreshadowing threat actors' increased focus on Apple's operating system.
Ransomware threats continued to storm through last year with a marked increase in companies experiencing compromises to their critical systems and exposure of sensitive information. A concerning 463 companies in the APAC region had their data published on ransomware Data Leak Sites (DLSs), approximately a 39% increase from the previous year.
We cannot ignore that the actual number of ransomware threats is believed to be significantly higher as many victims opt to pay the ransom and some ransomware groups do not use DLS. Furthermore, there has been a notable uptick in the illicit carding market which could be attributed to the increased use of JavaScript sniffers (JS-sniffers) and the rising popularity of information stealers.
The dramatic upsurge in cyber-attack incidents highlights the urgent need for more robust cybersecurity strategies and countermeasures, especially in the rapidly evolving digital landscape of the Asia-Pacific region.