Over 60 entities in the Asia Pacific region were targeted by ransomware group in 2020, according to Kaspersky during its annual Cyber Security Weekend held online recently.
Countries Australia and India logged the highest number of incidents across APAC while the light industry (manufacturing of clothes, shoes, furniture, consumer electronics, and home appliances) topped the segments that were compromised. Other segments include public service, media and technology, heavy industry (oil, mining, shipbuilding, steel, chemicals, machinery manufacturing), consulting, finance, and logistics.
Dubbed as Ransomware 2.0, cybercriminals did not only steal data but put pressure on companies who highly value their digital reputation.
“Targeted ransomware has been a problem for many Asian enterprises,” said Vitaly Kamluk, director of Global Research and Analysis Team (GReAT) for APAC at Kaspersky. “In some cases, Maze ransomware gang claimed responsibility and published stolen data from the compromised companies.
The Maze group immediately launched a full-scale campaign against businesses just a half a year after their formation in 2019. That same year, the group leaked 700MB of the victims’ internal data online. They have just gotten started because another 334 companies and organizations experienced a data breach.
According to Kaspersky, the Maze ransomware group is one of the first groups which started the use of “pressure tactic,” or threatening victims that they will publicly leak the most sensitive data stolen from their compromised systems through the group’s own website.
“Pressure tactic is a serious threat to public and private organizations,” Kamluk said. “This attack plays on companies’ digital reputation as it threatens to divulge data of a breached entity, compromising its security and its name at the same time.”
Kamluk noted that digitalization has birthed different pressure points for a company. Before, enterprises’ only main concerns included business continuity and, depending on the industry, government regulation. Now, surviving in the era of the digital reputation economy means that they should also be aware of business trust — with their partners and customers — as well as public opinion.
A recent survey conducted by Kaspersky proved Vitaly’s points. Results showed that 51% of users in APAC agree that a company’s online reputation is essential. Almost half (48%) also admitted that they avoid companies who were involved in a scandal or had received negative news coverage online.
“Maze group just announced that they are closing down, but this gang just triggered the beginning of this trend. A successful targeted ransomware attack is a PR crisis that can damage an organization’s reputation, online and offline. Financial toll aside, fixing one’s name is quite a harder task to take which is why we urge public and private entities to take their security seriously,” Kamluk said.
To remain protected against these threats, Kamluk suggests enterprises and organizations to:
- Stay ahead of your enemy: make backups, simulate attacks, prepare action plans for disaster recovery.
- Deploy sensors everywhere: monitor software activity on endpoints, record traffic, check hardware integrity.
- Never follow the demands of the criminals. Do not fight alone – contact Law Enforcement, CERT, security vendors like Kaspersky.
- Train your staff while they work remotely: digital forensics, basic malware analysis, PR crisis management.
- Follow the latest trends via premium threat intelligence subscriptions, like Kaspersky APT Intelligence Service.
- Know your enemy: identify new undetected malware on-premises with Kaspersky Threat Attribution Engine.
Support Back End News
Back End News is an independent technology website built on bootstrap funding.