Despite raised awareness of post-pandemic remote-working cyber risks, one cybersecurity firm’s South-east Asian user base was still highly vulnerable last year.
Data from a cybersecurity firm’s client base in South-east Asia (SEA) indicates that password-guessing attempts had remained a persistent threat for the year 2024, with over 53m brute-force attacks against its regional customer base detected and addressed.
In the data, Remote Desktop Protocol (RDP) attacks had dominated the observed activity, accounting for the majority of incidents.
The firm’s systems had logged an average of 145,000 daily brute-force attempts across its South-east Asian clientele, with attack volumes intensifying in Indonesia and Malaysia during 2024. Indonesian customers had faced 14.7m RDP-focused attacks (a 25% annual increase) while Malaysian clients had seen a 14% rise to 3.2m incidents. Attack rates for the other regional clientele for 2024 included: the Philippines: 4,115,520; Singapore: 4,250,099; Thailand: 7,298,037; and Vietnam (19,874,626).
The 2024 incident data suggests that attackers targeting SEA had been increasingly leveraging AI to accelerate password-cracking efficiency. Compromised devices operating outside corporate networks’ protective frameworks remained particularly susceptible, as remote access protocols often lacked multi-factor authentication or robust encryption standards among the firm’s client base.
According to Adrian Hia, Managing Director (Asia Pacific), Kaspersky, the firm offering its 2024 incident data findings for the region to the media: “With better AI services (in) play, cybercriminals now have a reliable assistant to guess passwords and break encryptions faster. Once successful, a brute-force attack allows an attacker to gain remote access to the targeted host computer. Imagine the repercussions of having (one) spy or more, inside your computers. Thus, it is urgent for businesses here to really look into their IT posture and recalibrate their cybersecurity capabilities.”
The firm has taken the opportunity to cautions organizations to audit remote access configurations, enforce strict authentication protocols (including the use of corporate VPNs and network level authentication with multi-factor authentication), and segment networks to limit lateral movement during intrusions.
The 2024 incident data suggests that attackers targeting SEA had been increasingly leveraging AI to accelerate password-cracking efficiency. Compromised devices operating outside corporate networks’ protective frameworks remained particularly susceptible, as remote access protocols often lacked multi-factor authentication or robust encryption standards among the firm’s client base.
According to Adrian Hia, Managing Director (Asia Pacific), Kaspersky, the firm offering its 2024 incident data findings for the region to the media: “With better AI services (in) play, cybercriminals now have a reliable assistant to guess passwords and break encryptions faster. Once successful, a brute-force attack allows an attacker to gain remote access to the targeted host computer. Imagine the repercussions of having (one) spy or more, inside your computers. Thus, it is urgent for businesses here to really look into their IT posture and recalibrate their cybersecurity capabilities.”
The firm has taken the opportunity to cautions organizations to audit remote access configurations, enforce strict authentication protocols (including the use of corporate VPNs and network level authentication with multi-factor authentication), and segment networks to limit lateral movement during intrusions.