The Asia-Pacific region was a honeypot for cyber attacks in 2016, according to Trend Micro, who found that APAC endured more cyber attacks across multiple threat types than any other region last year.
According to Trend Micro’s 2016 Global Roundup Report, 27% of ransomware attacks in 2016 were launched targeting enterprises and individuals based in APAC – the highest of all regions, followed by EMEA (25%) and Latin America (22%).
2016 marked a record year for online extortion, with ransomware families growing by a whopping 752% and netting $1 billion in monetary gains.
In 2017, open source ransomware and ransomware-as-a-service (RaaS) will continue to make stealthy extortions accessible for cybercriminals running their own ransomware operations. Given that, enterprises in the region are advised to deploy multi-layered security solutions incorporating machine learning capabilities to counter ransomware infections.
Other results show a similar pattern where Asia was something of a cyber-attack magnet:
317,833 online banking malware were detected in APAC, three times more than North America and six times more than Latin America – the second and third places respectively. ATMs running on outdated systems like Windows XP Embedded, which Microsoft ended security support for, proved to be popular targets. Banking Trojans and skimmers were two preferred attack methods by cybercriminals looking for quick cash.
In Q4 alone, Trend Micro blocked 435,709 exploit kits in APAC, the most of all regions. The top three kits leveraged in the region were RIG (~307k), Magnitude (~106k), and Sundown (~12k). In addition to their efficacy at directly taking advantage of unpatched system vulnerabilities and zero-day vulnerabilities, exploit kits were also used to deliver ransomware. Today, 18% of all known ransomware families arrive via exploit kits.
Business Email Compromise (BEC) campaigns acquired momentum and new victims in APAC last year. Brought to the public attention by the Bangladesh Central Bank cyber heist, the average loss resulting from a BEC attack hovers at $140,000. Currently, BEC scams are present in 92 countries worldwide; the most affected markets in the APAC region are Hong Kong, Japan, and India.
An important takeaway here is the sheer variety of attacks, which underscores the need for a cross-generational security approach in 2017, said Dhanya Thakkar, managing director of Asia Pacific for Trend Micro.
“It is hardly surprising that enterprises today are facing a surge of known and unknown threats. Known threats are growing – globally, we blocked over 80 billion attacks attempting to cause havoc in 2016 alone. On top of dealing with those, the industry is increasingly combatting unknown threats that are appearing at the rate of 500,000 per day,” Thakkar said. “The onslaught of mixed attacks emphasizes the importance of strengthening one’s cybersecurity posture and adopting a cross- generational security approach capable of handling both the influx of known attacks and the rise of unknown threats designed to evade the conventional security software.”