Kaspersky cites SEA cybersecurity trends

Published January 4, 2021, 2:29 PM

by Emmie V. Abadilla

A total of 400 million netizens, nearly 70 percent of Southeast Asia’s (SEA) population, are now fodder for cyber criminals.

Some 40 million of the region’s internet users, mostly from non-city areas in the Philippines, Malaysia and Indonesia, came online for the first time in pandemic year 2020.

Southeast Asians, among the world’s most active Internet users, have always been digital but the adoption wasn’t as pervasive as when COVID-19 hit. 

This is where it gets critical because apart from old-time Internet users who, until now are still being educated on cyber hygiene, here comes the newbies who count among the most vulnerable to cyber threats, warned security experts from Kaspersky’s Global Research and Analysis Team (GReAT).

“Those who have been quick to come on board the digital transformation must also be just as vigilant to protect themselves,”  says Muhammad Umair, GReAT Security Researcher, Asia Pacific.

Last year, top cyber attacks in SEA were cryptomining, phishing scams, targeted ransomware, and DDoS (distributed denial of service). 

Over 310,000 credit card details issued by top banks in the Philippines, Indonesia, Malaysia,

Singapore, Thailand, and Vietnam, were involved in a data breach last March.

Cybercriminals also capitalized on people’s fear of COVID-19 and used healthcare as a bait for different attacks targeting medical equipment in countries where digital transformation has just begun. 

Hence, Kaspersky researchers listed down key areas to watch out for in 2021 in SEA. 

First is Digitalization.

Most sectors in the region are going through a digital transformation in a race for survival.

Schools are switching to remote learning, SMBs that never had online presence have started to build online store fronts, restaurants that never offered home delivery are changing their business model.

Drastic increase in the use of online payment services and transactions in 2020 translates to a growing number of potential victims online. 

We have already witnessed an increased number of phishing attacks on such victims in the first half of 2020 and this trend is expected to continue through 2021, Kaspersky experts warned.

As the availability of  COVID-19 vaccines draws closer, cybercriminals will dangle lures incorporating vaccination themes as well.

Similarly, perimeter security is going to be a significant area of concern throughout 2021 as people continue to work from home, connecting to their corporate networks via Virtual Private Networks (VPNs).

The increased focus on remote working and reliance on VPNs opens up harvesting of user credentials through real-world social engineering approaches such as voice phishing or “vishing” to obtain access to corporate VPNs.

Another possibility is for attackers to accomplish their espionage goals without deploying malware in the victim’s environment.

Secondly, the whole region is ripe for disinformation campaigns as each country draws near to their elections in 2021 and onwards.

The Philippines is scheduled to hold its national elections in 2022.

Malaysia recently stated that it will conduct re-elections once the pandemic has been overcome, possibly this 2021. Vietnam is also planning to conduct its general elections this year.

Indonesia had its general elections in 2019 and just this year, hackers leaked the private information of voters online.

Third is 5G Rollout.

5G has been designed so that more of its operational functionality has been switched to software rather than hardware.

This opens up various avenues for potential attack surfaces (the number of possible vulnerable points in a computer system where an attacker can get through).

Generally, software is considered more accessible and easier to discover vulnerabilities for. It

may only be a matter of time when researchers start to find potential software based flaws, and threat actors will definitely not be much behind, if not ahead.

Fourth is the Health Sector.

The healthcare field as a cyber threat target is a worldwide trend. 

Kaspersky experts projected an increase in attacks on medical equipment in countries where digital transformation in healthcare is burgeoning. 

In 2020, interest in medical research surged among cybercriminals specializing in targeted attacks, spurred by the development of the COVID-19 vaccine and its potential significance for the global community.

All across the SEA region, there has been an increased push towards remote health monitoring solutions and online health consultations, motivated by the goal of reducing contact. 

This means  more patient data is coming online as well as the increase in attack surface

throughout the health sector. 

According to Kaspersky researchers, this trend will continue through 2021.

The new year may also see more attack attempts targeted towards this sector as new regulatory restrictions, new treatments and an increase in the number of potential victims continue to attract attention.

Fifth is Ransomware.

Ransomware threats are becoming more dangerous, sophisticated, and targeted. 

The amount of money being demanded by ransomware groups has also increased significantly.

Germany recorded the first ever ransomware-related death in 2020, when a patient had to be redirected to another hospital because of an ongoing cyber attack but ended up dying in transit.

Cloud security is also an issue.

More and more companies are incorporating clouds in their business models due to the convenience and scalability they offer. 

However, this is a relatively new attack surface which is increasing as more businesses come onboard.

Breaches on such infrastructure can go up this year if companies make rookie mistakes and do not deploy proper security measures and solutions.

Finally, Industrial Control Systems (ICS) can likewise be vulnerable.

Southeast Asia has been one of the worst hit regions in terms of ICS attacks although governments are addressing the issue.

The Philippines has  adopted the strategy of partnering with the private sector for a more effective cyber defense.