Cybersecurity News in Asia

RECENT STORIES:

SEGA moves faster with flow-based network monitoring
From Enhanced Tax Stamps to AI Enabled Illicit Trade Intelligence syst...
/C O R R E C T I O N — Pismo/
Globe Teleservices Signs A2P Firewall Partnership with Cellcard Cambod...
Yiren Digital Launches Next-Gen Magicube Agent Platform Targeting $30 ...
August CVE with severity of 9.8 vulnerability amplified by ransomware ...
LOGIN REGISTER
CybersecAsia
  • Features
    • Featured

      Psst… know anyone interested in selling his/her identity?

      Psst… know anyone interested in selling his/her identity?

      Tuesday, October 7, 2025, 10:30 AM Asia/Singapore | Features
    • Featured

      When failure is not an option

      When failure is not an option

      Monday, October 6, 2025, 3:02 PM Asia/Singapore | Features, Newsletter
    • Featured

      Fragmented data, fractured trust

      Fragmented data, fractured trust

      Tuesday, September 30, 2025, 3:09 PM Asia/Singapore | Features
  • Opinions
  • Tips
  • Whitepapers
  • Awards 2025
  • Directory
  • E-Learning

Select Page

Features

Combating the surge in Asia Pacific credential abuse and ransomware

By Victor Ng | Wednesday, September 17, 2025, 5:06 PM Asia/Singapore

Combating the surge in Asia Pacific credential abuse and ransomware

Is biometric-blockchain defense the answer to Asia Pacific’s credential abuse and ransomware surge?

Cyber incidents across Asia Pacific are on the increase, and AI-driven deepfakes are fueling social engineering, scams and ransomware.

As attackers escalate to quadruple-extortion tactics, company boards are asking how to keep identities untouchable and data immutable.

Venket Naga, CEO & Co-Founder, Serenity, argues that pairing biometric keys with a decentralized, tamper-proof ledger has become a security imperative. His team is building an owner-controlled, survivable blockchain infrastructure that removes shared passwords, seals records against corruption, and lets organizations recover even if primary systems are encrypted or wiped.

We find out more about this two-pronged approach…

According to Aon’s latest Cyber Risk Report, cyber incident frequency across Asia Pacific were up 29% in the last one year, AI-driven deepfake attacks resulted in a 53% increase in social engineering incidents year-over-year, and social engineering and fraud claims increased by 233%. Verizon Business’ 2025 Data Breach Investigations Report found that ransomware accounts for 51% of the total data breaches in the region. What do these ransomware and deepfake numbers reveal about credential abuse?

Venket: These figures paint a stark picture: identity is now the most exploited vulnerability. Ransomware used to be largely about software vulnerabilities, but today, it’s increasingly triggered by human factors, stolen or spoofed credentials, which are often acquired through deepfake-enhanced social engineering.

The surge in deepfake incidents demonstrates how easily attackers can now impersonate real people and bypass both human and some machine-level verification. IBM’s latest report revealed that stolen or compromised logins remain the hackers’ preferred method of attack, leaving companies an average of almost $4.8 million out of pocket each time.

The 53% increase in deepfake-related incidents indicates that attackers are now combining social engineering with AI, creating audio and video fabrications that can deceive even trained security teams. It reveals a systemic weakness: most enterprises still rely on passwords, email links, and identity systems that are inherently static, replayable, and impersonable. Credential abuse has become the most cost-effective and scalable entry point for cybercriminals.

What we’re seeing is that credential abuse is the primary vector. Without solving that, layered defenses become irrelevant. That’s why solutions that tie credentials to biometric identity and bind them cryptographically to non-replayable, decentralized infrastructure are becoming essential. These are necessary to restore trust in access control.

How frequent and destructive to businesses are double-, triple- or quadruple-extortion tactics, and wiper attacks?

Venket: Double and triple-extortion attacks are becoming a standard norm for ransomware gangs, especially in Asia Pacific, where companies still lack a transparent and efficient plan to handle these kinds of threats.

Recent reports have highlighted that 70% of ransomware attacks worldwide involve double-extortion tactics, where the attackers threaten the victims using the stolen data. In Asia Pacific, it’s even worse: nearly 4 in 5 attacks now come with multiple layers of pressure, from exposing customer information to contacting regulators or even targeting business partners. Triple extortion adds pressure by targeting the victim’s customers or supply chain.

Some ransomware groups have taken it a step further by handing out “extortion playbooks” to their affiliates, showing them exactly how to pressure victims at every stage. Apart from locking data, they teach how to steal it, leak it, and even go after customers or partners to maximize the impact.

Wiper attacks take an even darker turn. These attacks wipe out data completely. They’re less common; however, these types of disruptive tactics are often seen in industries like telecom, energy, and public services. Recovering from these attacks can increase the costs to $10 million.

How does pairing biometric keys with a decentralized ledger improve credential management and protection?

Venket: Pairing biometric keys with a decentralized ledger gives credential security two major upgrades: it makes identity harder to duplicate and systems harder to tamper with.

A biometric key, such as your fingerprint or face scan, is tied directly to you and is not something you can forget, lose, or accidentally hand over, making it a much better alternative to traditional logins.

When access policies are recorded on a blockchain, you create a layer of protection that’s tamper-resistant and publicly auditable. Attackers can’t silently change permissions or slip in through the back door without leaving a trace.

Instead of storing credentials in a cloud database or relying on device-bound apps, this model binds access directly to the individual through biometrics, like a fingerprint or face scan, and enforces access rules through smart contracts on the blockchain. Because the credential isn’t stored in one place or sent over the internet like a password or token, there’s nothing for attackers to intercept or steal. It can’t be phished, copied, or quietly altered by someone with admin access. The system simply doesn’t leave those doors open.

Which regulated sectors (e.g. finance, real estate, healthcare) are likely first-movers on decentralized data survivability?

Venket: The financial industry would be one of the earliest adopters of decentralized data survivability. Finance is the nervous system on which the economy of several industries relies on for their daily operations. Whether it’s to pay off their cost, generate revenue, or manage their risks, financial services are a critical component of a business. For these daily financial operations, companies are required to share sensitive information with a central figure, creating a potential single point of failure.

Through decentralized data survivability, companies’ data can survive and remain accessible, staying tamper-proof even if some nodes fail or get compromised. Similarly, this concept can be utilized to protect the customer’s KYC and personal information from being stolen by scammers.

The other sector would be real estate, especially since tokenization has made it much easier for investors to invest in growing industries. Dubai in particular has seen the adoption of tokenized real world-assets (RWA) rising, which will require decentralized safekeeping for property titles, mortgage data, and contractual metadata. Along with tokenization, we’ll be seeing decentralized storage for sensitive documents come into play over the next few months.

Healthcare systems would also crucially benefit from decentralized data survivability, as they manage the sensitive information of thousands of patients and employees. The global blockchain technology market in healthcare is expected to reach $214.86 billion by 2030, reflecting a gradual shift toward blockchain-based data infrastructure. With the sheer volume of data being processed daily, information must be securely managed, which necessitates protection within a decentralized storage environment.

With regulators amending their rulebooks and opening the doors for decentralization, we can expect to see a global demand for decentralized data survivability, and all industries to implement decentralization within their systems.

What shifts in policy or standards would speed adoption of biometric-blockchain security across Asia Pacific?

Venket: Over the years, we’ve seen the blockchain industry grow massively, yet some are still reluctant to join, especially when there is a lack of clear guidelines. The policy focuses on protecting citizens from malicious actors who misuse this tech and also promotes adoption. Although it’s gradually decreasing, there’s still a gap between innovation and regulation.

Most regulators still assume that a centralized figure must handle an individual’s identity. However, this creates an opportunity for scammers to steal data from a single point of failure. This is where regulators need to formally recognize the importance of decentralized identity frameworks and update their KYC/AML rules. 

Apart from updating its KYC/AML rules, regulators need to sit down to identify clear policies on encryption, storage, consent, and revocation. This step is crucial as businesses will always want to remain compliant with rules and regulations to avoid any mishaps. If biometric-blockchain systems lack clear guidelines, enterprises will be hesitant to adopt them.

In short, regulators need to update their rules. If the regulations catch up with innovation, we can expect a massive implementation of biometric-blockchain security across the Asia Pacific.

Share:

PreviousFormer-employee data breach exposes nearly 700,000 loan customers’ information
NextVIVOTEK Hosts Global Partner Summit, driving AI and Growth

Related Posts

Celebrating Valentine’s Day amid the pandemic: from roses to romance-baiting

Celebrating Valentine’s Day amid the pandemic: from roses to romance-baiting

Tuesday, February 16, 2021

The AI battlefield in cybersecurity

The AI battlefield in cybersecurity

Monday, August 21, 2023

Delving into the dark universe of the new Rogue malware’s creator

Delving into the dark universe of the new Rogue malware’s creator

Thursday, January 14, 2021

Know Thy Enemy: understanding the cybercriminal psyche

Know Thy Enemy: understanding the cybercriminal psyche

Friday, August 23, 2019

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
Slide
previous arrow
next arrow

CybersecAsia Voting Placement

Gamification listing or Participate Now

PARTICIPATE NOW

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

  • 2024 Insider Threat Report: Trends, Challenges, and Solutions

    2024 Insider Threat Report: Trends, Challenges, and Solutions

    Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper
  • AI-Powered Cyber Ops: Redefining Cloud Security for 2025

    AI-Powered Cyber Ops: Redefining Cloud Security for 2025

    The future of cybersecurity is a perfect storm: AI-driven attacks, cloud expansion, and the convergence …Download Whitepaper
  • Data Management in the Age of Cloud and AI

    Data Management in the Age of Cloud and AI

    In today’s Asia Pacific business environment, organizations are leaning on hybrid multi-cloud infrastructures and advanced …Download Whitepaper
  • Mitigating Ransomware Risks with GRC Automation

    Mitigating Ransomware Risks with GRC Automation

    In today’s landscape, ransomware attacks pose significant threats to organizations of all sizes, with increasing …Download Whitepaper

Middle-sidebar-banner

Case Studies

  • HOSTWAY gains 73% operational efficiency for private cloud operations  

    HOSTWAY gains 73% operational efficiency for private cloud operations  

    With NetApp storage solutions, the Korean managed cloud service provider offers a lean, intelligent architecture, …Read more
  • CISOs can navigate emerging risks from autonomous AI with a new security framework

    CISOs can navigate emerging risks from autonomous AI with a new security framework

    See how security leaders can adopt layered strategies addressing intent, governance, and oversight to manage …Read more
  • MoneyMe strengthens fraud prevention and credit decisioning

    MoneyMe strengthens fraud prevention and credit decisioning

    Australian fintech strengthens risk management with SEON to scale lending operations securely and efficiently.Read more
  • PT Kereta Api Indonesia announces nationwide email and communication overhaul

    PT Kereta Api Indonesia announces nationwide email and communication overhaul

    The state railway operator’s upgraded email system improves privacy, operational reliability, and regulatory alignment for …Read more

Bottom sidebar

  • Our Brands
  • DigiconAsia
  • MartechAsia
  • Home
  • About Us
  • Contact Us
  • Sitemap
  • Privacy & Cookies
  • Terms of Use
  • Advertising & Reprint Policy
  • Media Kit
  • Subscribe
  • Manage Subscriptions
  • Newsletter

Copyright © 2025 CybersecAsia All Rights Reserved.