One global 2021 survey yielded signs that cyber complacency in the region could spell trouble
In an April 2021 global survey of 900 senior non-IT management personnel (CEOs, VP, and Director level) and business owners or partners at firms with 50–1,000 employees (with 100 from South-east Asia [SEA]), regarding respondents’ perceptions of ransomware and malware threats, 65% believed that “the possibility of my organization being exposed to a ransomware attack is too small to worry about.”
In SEA, 77% of respondents were most concerned about data theft (data breaches): the illegal transfer or storage of personal, confidential, or financial information. This was closely followed by the concerns over APT attacks (75%) and ransomware attacks (73%).
Furthermore, 81% of non-IT executives in the survey had indicated that the security measures they had in place were enough to protect them from a ransomware attempt. Also, 72% of respondents from the region believed that the mass media was showing ransomware attacks as a bigger threat than they actually are.
According to Yeo Siang Tiong, General Manage (SEA), Kaspersky, which commissioned the survey:
“It is good to see that business executives here (were) confident about their security posture to defend their organizations against damaging attacks such as ransomware. We should, however, be careful about not letting confidence breed complacency because the reality is a ransomware attack is not something too small for enterprises to be worried about.”
According to Yeo, as of 2020, at least 61 entities from the region have been breached by targeted ransomware groups: ranging from those in the light industries (clothes, shoes, furniture, consumer electronics and home appliances; public service, media and technology) to those in the heavy industries (oil, mining, shipbuilding, steel, chemicals, machinery manufacturing; finance, and logistics).
Infamous ransomware groups that are being closely monitored by cybersecurity firms worldwide include REvil, LockBit, Conti, and more.