Tables show the incidence of malware detected in six countries in Southeast Asia. — Source Kaspersky
According to the latest statistics from Kaspersky Security Network (KSN), until May some 1,120 SMB employees encountered malware or unwanted software disguised as business applications. Of them, 710 got distributed.
The number of threats targeting SMBs it detected and blocked increased from 1,240 in H1 2022 to 25,194 in H1 this year, Kaspersky said.
Malware, an umbrella term for “malicious software”, is designed by and for professional cybercriminals to cause harm to a user’s device or network. It encompasses a variety of cyberthreats such as Trojan and other viruses (ransomware is a form of malware). Malware attacks are destructive to small businesses as they can cripple devices requiring expensive repairs or replacement. Malware also gives attackers a back door to access and steal data, putting both customers and employees at risk.
The SMB threat statistics from the KSN telemetry gathered figures in this sector from six countries in Southeast Asia, Việt Nam, Malaysia, the Philippines, Singapore, Thailand, and Indonesia, and malware detected in SMBs in Việt Nam was much higher than in the others.
According to experts, cybercriminals attempt to deliver malware and unwanted software to employees’ devices by using any means necessary, such as vulnerability exploitation, phishing e-mails and fake text messages. One of the methods often utilised to hack into employees’ smartphones is imitating messages from banks. The victim receives a link via SMS, WhatsApp, Facebook Messenger, or some other messaging app, and if the user clicks the link, a malicious code is uploaded into the system.
Yeo Siang Tiong, Kaspersky’s general manager for Southeast Asia, said: “SMBs are still a lucrative target for cybercriminals. They generate 50 per cent of Việt Nam’s gross domestic product.
“[Amid] the rapid transformation that SMBs are going through, it is important for them to take basic steps to protect against cybercriminals’ evolving tactics and techniques.”
Kaspersky said to keep businesses protected from cyberthreats, firms should provide their staff with basic cybersecurity training and conduct a simulated phishing attack to ensure that they know how to recognise phishing e-mails and protect Microsoft 365, and control access to corporate assets such as e-mail boxes, shared folders and online documents.
Besides, they need to make regular backups of essential data to ensure that corporate information stays safe in an emergency, provide clear guidelines on the use of external services and resources, encourage employees to create strong passwords for all digital services they use, and protect accounts with multi-factor authentication wherever applicable, it added.
Ransomware and targeted attacks
In addition to the surge in cyber threats against SMBs in Việt Nam, the global cybersecurity leader Fortinet released its semiannual Global Threat Landscape Report, focusing on ransomware and targeted attacks. FortiGuard Labs, responsible for the report, observed several significant trends in the first half of 2023.
FortiGuard Labs found that fewer organisations detected ransomware in the first half of 2023 (13 per cent) compared to this time five years ago (22 per cent).
Despite the overall decline, organisations must keep their guard up. This supports the trend that FortiGuard Labs has seen over the last couple of years, that ransomware and other attacks are becoming increasingly more targeted thanks to the growing sophistication of attackers and the desire to increase the return on investment (ROI) per attack.
Research also found that the volume of ransomware detections continues to be volatile, closing the first half of 2023 13 times higher than the end of 2022, but still on a downward trend overall when comparing year-over-year.
For the first time in the history of the Global Threat Landscape Report, FortiGuard Labs tracked the number of threat actors behind the trends. Research revealed that 41 (30 per cent) of the 138 cyberthreat groups MITRE tracks were active in the first half of 2023.
In the first six months, FortiGuard Labs detected more than 10,000 unique exploits, up 68 per cent from five years ago. The spike in unique exploit detections highlights the sheer volume of malicious attacks security teams must be aware of and how attacks have multiplied and diversified in a relatively short amount of time. — VNS