Asia’s Cyber Battlefield Rises

For the second year, cybercriminals have predominantly targeted manufacturers in the Asia-Pacific region. According to IBM’s 2024 X-Force Threat Intelligence Index, which is the security services division of IBM Consulting, these cyber attacks make up 46% of all reported incidents.

Phishing remains the region’s most common method for initial access, accounting for 36% of incidents in 2023. This is followed by exploiting vulnerabilities in public-facing applications (35%), using legitimate accounts (12%), exploiting trusted relationships (12%), and spreading through removable media (12%).

Cybercriminals find it effortless to exploit genuine accounts since there are billions of compromised credentials accessible on the Dark Web. In 2023, X-Force observed a 266% increase in infostealing malware globally. This type of malware is designed to steal personally identifiable information, such as email credentials, social media and messaging app logins, banking information, cryptocurrency wallet data, and more.

In addition, IBM X-Force forecasts that once generative AI becomes dominant in the market, it could potentially make AI vulnerable to cyber attacks. Therefore, organisations need to ensure the security of their AI models before cybercriminals increase their attacks. Additionally, they should adopt a comprehensive approach to cybersecurity since their current underlying infrastructure provides access to their AI models, making them susceptible to attacks without attackers needing new tactics.

Check Point Research’s report reveals that APAC experienced the highest year-over-year increase in weekly cyberattacks during the first quarter of 2023, with an average of 1,835 attacks per organisation, compared to the worldwide average of 1,248 weekly attacks. This concerning trend prompts questions about the underlying reasons and the necessary measures to tackle the escalating cyber threats in the region.

The escalating number of sophisticated attacks in APAC raises genuine concerns, exemplified by the case of the widely used 3CX phone service application being manipulated into a trojan as part of a supply attack. Moreover, there’s a notable rise in the accessibility of malware, evident in instances of threat actors utilising ChatGPT to generate code, aiding less-skilled actors in effortlessly launching cyberattacks.

What factors have triggered this surge in both the volume and complexity of attacks? When examining why the region has become a hub for cybercrime, several factors come into play:

APAC has undergone rapid digital transformation, particularly during and after the pandemic. Many organisations have hurriedly adopted new technologies and digital platforms without adequate security measures, leaving vulnerabilities ripe for exploitation. This increased digitisation has broadened the attack surface for cybercriminals.

The younger generation in APAC, heavily reliant on mobile devices and collaborative tools such as TikTok and Facebook, has grown accustomed to the risks associated with clicking on suspicious links or sharing sensitive information online. Their online behaviour makes them more susceptible to social engineering attacks and phishing attempts.

The rise of the hybrid workforce, incorporating both remote and in-office work arrangements, has presented new challenges for cybersecurity teams. The transition to remote work has heightened dependence on digital communication and collaboration tools, exposing organisations to new security risks as cybercriminals exploit vulnerabilities in remote access systems and unsecured home networks.

Expanding collaborative platforms has opened up a fresh avenue for cybercriminals to exploit. The rising reliance on applications such as video conferencing, cloud storage, and file-sharing services has created fertile ground for potential security breaches. Threat actors are honing in on vulnerabilities such as lax security configurations, outdated software, and unsuspecting users, aiming to access sensitive data illicitly.

Countries like Taiwan, China, and Vietnam play pivotal roles in the semiconductor and manufacturing sectors in the APAC region. Given their economic significance and the valuable intellectual property they possess, these industries have become prime targets for cyber espionage and theft of intellectual property.

Leave a Reply