Asia Pacific endured the most cyberattacks in 2016, says Trend Micro report

Asia Pacific (APAC) encountered the most cyberattacks in 2016 across multiple threat types, compared to other regions, according to Trend Micro Incorporated’s 2016 Global Roundup Report.

The data were derived from Trend Micro’s threat intelligence database. The company detects and analyzes swathes of threats globally every year, including ransomware, vulnerabilities, exploit kits, mobile apps, online banking software, and so on.

“It is hardly surprising that enterprises today are facing a surge of known and unknown threats. Known threats are growing – globally, we blocked over 80 billion attacks attempting to cause havoc in 2016 alone,” cautioned Dhanya Thakkar, Managing Director, Asia Pacific, Trend Micro.

“On top of dealing with those, the industry is increasingly combatting unknown threats that are appearing at the rate of 500,000 per day. The onslaught of mixed attacks emphasizes the importance of strengthening one’s cybersecurity posture and adopting a cross-generational security approach capable of handling both the influx of known attacks and the rise of unknown threats designed to evade the conventional security software.”

Twenty-seven percent of ransomware attacks were launched targeting enterprises and individuals based in APAC – the highest of all regions, followed by EMEA (25%) and Latin America (22%).

2016 marked a record year for online extortion, with ransomware families growing by a whopping 752% and netting US$1 billion in monetary gains.

In 2017, open source ransomware and ransomware-as-a-service (RaaS) will continue to make stealthy extortions accessible for cybercriminals running their own ransomware operations. Given that, enterprises in the region are advised to deploy multi-layered security solutions incorporating machine learning capabilities to counter ransomware infections.

Online banking malware

The report also revealed that 317,833 online banking malware were detected in APAC, three times more than North America and six times more than Latin America – the second and third places respectively.

ATMs running on outdated systems like Windows XP Embedded, which Microsoft ended security support for, proved to be popular targets. Banking Trojans and skimmers were two preferred attack methods by cybercriminals looking for quick cash.

In Q4 alone, Trend Micro blocked 435,709 exploit kits in APAC, the most of all regions. The top three kits leveraged in the region were RIG (~307k), Magnitude (~106k), and Sundown (~12k).  In addition to their efficacy at directly taking advantage of unpatched system vulnerabilities and zero-day vulnerabilities, exploit kits were also used to deliver ransomware. Today, 18% of all known ransomware families arrive via exploit kits.

BEC scams and botnets

Business Email Compromise (BEC) campaigns acquired momentum and new victims in APAC last year. Brought to the public attention by the Bangladesh Central Bank cyber heist, the average loss resulting from a BEC attack hovers at US$140,000. Currently, BEC scams are present in 92 countries worldwide; the most affected markets in the APAC region are Hong Kong, Japan, and India.

With high-profile distributed denial of service (DDoS) attacks in the US and APAC, cyberattacks turning IoT devices into zombie bots became a real-world problem in 2016.

Most notably, the Mirai botnet was made of around 100,000 connected objects. This was created as the IoT devices didn’t have efficient security protocols to withstand infiltration. Most likely these devices were still using default passwords that were set during manufacturing, which could be easily broken.