Ransomware is making its way back as one of the biggest threats to cybersecurity.
A malicious software (malware) hidden in links, attachments or websites, ransomware locks computers through encryption and then demands money to restore access.
While information technology (IT) experts speculated that ransomware cases would increase last year after dominating cyberspace discussions in 2017 with high-profile worldwide outbreaks such as WannaCrypt and Petya, these fears failed to materialise.
However, with cybersecurity experts McAfee revealing in its ‘McAfee Labs Threats Report: August 2019’ that new ransomware samples increased 118 percent in the first quarter of 2019 compared to the last quarter of 2018, ASEAN can expect to see more attention-grabbing headlines surrounding ransomware.
“After a periodic decrease at the end of 2018, the first quarter of 2019 was game on again for ransomware, with code innovations and a new, much more targeted approach,” said Christiaan Beek, McAfee lead scientist and senior principal engineer.
“Paying ransoms supports cybercriminal businesses and perpetuates attacks. There are other options available to victims of ransomware. Decryption tools and campaign information are available through tools such as the No More Ransom project,” he added.
Lose public confidence
While data about ransomware attacks in ASEAN is scarce, they continue to be popular due to how profitable they can be for attackers.
Not only do they have a clear monetisation model, they are easy to implement and can be spread across different networks rapidly.
At least 10 Thai companies suffered ransomware attacks in 2017, and in an interview with Thai media, Supaset Chokchai, chief of the Royal Thai Police’s Technology Crime Suppression Division (TCSD) said that nearly all companies paid the ransoms as they were fearful of losing their databases.
He noted the companies were also hesitant to launch formal complaints as they did not want to risk losing the confidence of their investors, trade partners and the general public.
Just last week, a Malaysian bank was forced to address speculation on social media that its servers and computers were hit with a ransomware attack after its customers complained about technical difficulties when trying to access their banking services.
While business leaders may be averse to revealing details of ransomware attacks on their companies, a survey of 250 company leaders and executives polled in Singapore in January found that more than a quarter frequently encountered ransomware attacks.
Two of Indonesia’s biggest hospitals – Dharmais Hospital and Harapan Kita Hospital – were hit by ransomware in 2017, locking out the hospitals’ information technology (IT) systems, patient medication records and billing, leaving ASEAN citizens questioning their data security in the face of hackers that are increasingly more sophisticated.
In March, the Vietnam Computer Emergency Response Team (VNCERT) issued a high alert for a ransomware named GandCrab after fears it had spread throughout the country while attached to emails disguised as being sent by the Ministry of Public Security.
“Corporate data and IT systems that organisations rely on for their business have never been more at risk than today, and they are not doing enough to prevent their end users from unwittingly installing malware, ransomware and other threats,” said Tuan Le, General Manager for ASEAN at telecommunications firm, Orange Business Services.
“Add this to ASEAN’s own admission that the region is not investing enough money in combating cyberattacks, and it seems clear that we have a challenge to overcome,” he added.
It is no secret that ASEAN’s cybersecurity budget is inadequate.
Consultants AT Kearney last year calculated that the region needs to spend around US$171 billion on cybersecurity between 2017 and 2025, failing which the top 1,000 companies in the region could stand to lose about US$750 billion in market capitalisation due to cyberattacks.
However, the 10-nation bloc only spent an estimated US$1.9 billion on cybersecurity in 2017.
Initiatives such as the ASEAN Cyber Capacity Program (ACCP) introduced in 2016 and the ASEAN Cybersecurity Cooperation Strategy launched in 2017 are among the regional mechanisms Southeast Asia has to combat cyber-crime in the region, but it is at the individual level that the most effective work can be done in combatting ransomware and other cyberattacks.
Apart from not opening email attachments from unfamiliar senders, IT security company Kaspersky Lab advises the public to avoid downloading media files from unknown websites, clicking links in spam emails or visiting unfamiliar websites to minimise their risk of getting infected by ransomware.
At the corporate level, cybersecurity training for staff and ensuring servers and computers have the latest updates are vital in addressing concerns about ransomware and other cyberattacks.
While the lack of budget and expertise may constrain smaller companies from pulling out all the stops to safeguard their IT systems, increased investment in cybersecurity will go a long way in preventing cyberattacks which could potentially ruin their business.