While the region is equally vulnerable to global cyber threats, here are four region-specific cyber trends that need enhanced vigilance.
In tandem with the rest of the world, the South-east Asia (SEA) region is gearing up for a hopeful year of recovery in 2022.
But in the wake of last year’s heavy cyberattacks across a variety of industries—from airlines, hospitals, government websites, banks, telecom companies, universities, e-commerce to social media giants—every organization in SEA needs to keep tabs on the shifting cyber threat landscape amid their recovery phase.
Drilling into its rich user base, Kaspersky’s Global Research and Analysis Team (GReAT) is sharing insights into the four top cybersecurity trends to scrutinize regularly in 2022.
- Decrease in targeted ransomware attacks
The rise of targeted ransomware attacks worldwide was timed to match pandemic-created opportunities to attack the most valuable targets as well as disruption-sensitive businesses.
Some SEA organizations were among the victims of such attacks. However, with strong international cooperation and multiple task forces to trace ransomware gangs, Kaspersky experts believe that the number of such attacks will decrease during 2022.
According to Vitaly Kamluk, Kaspersky GReAT: “The initial call was made by the US government, involving the FBI, and even the cyber offensive capabilities of the US Cyber Command. We anticipate that the attacks may resurface later, focusing on hitting developing countries with poor cyber-investigative capabilities or countries that are not allies of the US.”
Given the geopolitical stance of some countries in SEA, it is likely that there will be less or even no such attacks in certain countries from the region in 2022, Kamluk asserted.
Yet, broadly available hosting services, data center services and infrastructure can still be abused by the targeted ransomware gangs. - More advanced scams and social engineering ahead
As cybersecurity gaps are tightened, attackers will focus on non-technology-focused attacks that exploit human vulnerabilities, involving all sorts of scams via SMS messages, automated phone calls, popular messengers, social networks, and so on.
Kamluk commented: “This trend is fueled by automation of some services, such as automatic dialing and automatic initial message delivery with expected follow-up action that triggers manual human-driven scam operation. We believe this trend will develop further in the future, including production of victim-tailored documents, images, deep fake videos, voice synthesis. It’s possible that there will be a shift back from computer-assisted crime schemes (scams) to pure cybercrime based on complete compromise of digital assets (user accounts, smartphones, personal computers). It is likely we will see the first attempts of such technically-advanced scams in 2022.” - More data breaches by unidentified attackers
With the decrease of targeted ransomware attacks that openly expose stolen data, more stolen data is expected to be offered on the Dark Web. Kaspersky experts believe it is not only a symptom of serious challenges that cyber defenders face, but also a motivational factor and a signal for other passive cybercriminals to rush into the field of data theft and illegal trading.
Said Kamluk: “In many cases of data breaches the victims were neither able to identify the attackers, nor find out how they got compromised. Although there has always been a challenge to identify the attacker and the source of the breach, the percentage of such cases has increased significantly in the past two years, reaching over 75%, according to our research.”
As a result, more stolen databases, internal communications, and personal details from various organizations are expected to traded on the black market. - Cryptocurrency and NFT industry attacks
By observing the cutting-edge attackers with large human resources, such as Lazarus group and its sub-group, BlueNoroff, Kaspersky researchers have concluded that an even more significant wave of attacks on cryptocurrency businesses are in store.
Even the growing industry of non-fungible token s(NFT) will be targeted by cybercriminals. This is due to the fact that countries in SEA are leading in terms of NFT ownership, with the Philippines topping the list at 32%, followed by Thailand (26.2%), Malaysia (23.9%), Vietnam (17.4%) and Singapore (6.8%).
“From direct attacks on employees of cryptocurrency startups and exchanges through sophisticated social engineering, software exploits, and even fake suppliers to mass attacks via supply-chain software or its components (i.e., third-party code libraries), we will see an increase of such cases. Additionally, we should see more incidents of NFT property theft in the coming years. Being a totally new area, this will cause a deficit in skilled cyber investigators, resulting in an initial surge of such attacks,” Kamluk added.
Cypto attacks will not only have an effect on the global cryptocurrency markets but also the share prices of individual firms, an outcome that can be monetized by the attackers via stock market.