Password stealers target small businesses in SEA

Cybersecurity solutions provider Kaspersky that cybercriminals have launched more than 11 million web attacks against small businesses (SMB) in Southeast Asia (SEA) during the first half of 2022. Most of the incidents are blocked from infecting Kaspersky users from Indonesia, Vietnam, and Thailand.

The highest number of incidents was foiled in Vietnam, Indonesia, and Malaysia during the first half of 2022.

Kaspersky’s telemetry on SMB covers enterprises with 50-250 employees and is based on detection verdicts of Kaspersky products received from SMB users who consented to provide statistical data.

PH ranks third in e-commerce phishing attacks in SEA — Kaspersky
Only half of SMBs are confident ex-employees can’t access corporate data — Kaspersky

Web-based threats, or online threats, are a category of cybersecurity risks that may cause an undesirable event or action via the internet. Web threats are made possible by end-user vulnerabilities, web service developers/operators, or web services themselves.

Password Stealing Ware

Aside from web threats, Kaspersky also has detected over 370,000 Trojan-PSW (Password Stealing Ware) trying to infect SMBs based in the region.

Trojan-PSW is a malware that steals passwords, along with other account information, which then allows attackers to gain access to the corporate network and steal sensitive information.

“Small business owners may think their companies are too insignificant to become a target for cybercriminals,” said Yeo Siang Tiong, general manager for Southeast Asia at Kaspersky. “There is a certain logic in that because attackers usually look for maximum profit from minimum effort. However, enterprises and government organizations should remember that SMBs are usually third-party suppliers to bigger companies and critical entities. This sector is part of a bigger chain and like dominoes, if a single password stealer can enter into a small enterprise’s systems, consider the entire chain compromised.”

To avoid falling victim to web attacks and Trojan password steals, Kaspersky suggests small and medium businesses to follow these tips:

  • When it comes to granting access to resources or services you should follow the least privilege principle. That is, an employee must have the minimum set of access rights — enough only to perform their tasks.
  • Know exactly where your important information is stored, and who has access to it. From this, develop guidelines when hiring new employees, including clearly defining which accounts are needed for each employee, and which ones should be limited only to certain roles.
  • Mature corporate cybersecurity culture helps to prevent many cyberthreats. You can, for example, start by creating a cybersecurity manual for employees so that everyone is on the same page. Here’s a good example for new employees.
  • All passwords must be stored in a secure password manager. It will help your employees not to forget or lose them and also to minimize the chance that an outsider will get access to your accounts. Also, use two-factor authentication mechanisms wherever possible.
  • Advise your employees to lock their computers when they walk away from the desk. They should keep in mind that an office can be visited by all kinds of third parties, including couriers, clients, subcontractors, or job seekers.
    Consider installing antivirus software in order to protect devices from viruses, trojans, and other malicious programs.