Kasperksy reports fewer Ransomware attacks in H1 of 2020

09/14/2020 12:35:28 PM

If there's a bit of silver lining about cyberattacks taking place for the year, it's that ransomware incidents against small and medium enterprises in Southeast Asia reached its decline for the first half of the year. 

This was reported after Kaspersky has managed to notice a significantly fewer number of such attacks on SMEs based at all six countries of the SEA region during the six-month stretch. Specifically, Singapore has logged the highest reduction of ransomware detections at 89.79% followed by Malaysia at 87.65% and Indonesia at 68.17%. Prior to this, the cybersecurity company detected and blocked 1.4 million ransomware attacks from January to June 2019.

Globally, Indonesia and Vietnam landed in fourth and eighth places, respectively, in Kaspersky’s overall ranking of countries with the most detected ransomware attacks in the second quarter of 2020. China, Brazil, and Russia were the top three in the cybersecurity company’s worldwide ranking for this period.

Ransomware is malicious software that infects one’s computer, locks the computer screen or encrypts important files with a key, and displays messages demanding a fee to be paid in exchange for the promise to have the computer to work again. This class of malware is a criminal money-making scheme that can be installed through deceptive links in an email message, instant messaging, or website, as well as a number of more sophisticated techniques. 

The results aligned from the forecast of Kaspersky's experts wherein in as early as two years ago the decline of ransomware up to this year. Kaspersky projected that ransomware will tail off because of increased public attention. Continuous reporting as well as initiatives such as the No More Ransom project, which was co-founded by Kaspersky, provided resources to assist individuals and businesses to recover their data and devices from ransomware attacks. Resources included free decryption tools.

According to the cybersecurity company, the observed decrease in the region is mainly due to two reasons: one is the decline of one of the biggest ransomware groups that hit organizations worldwide in 2017, and two, because of upgrades in software systems that reduced the vulnerability of computer systems. The Microsoft Windows operating system has been the target of this malevolent malware. 

“The main factor that contributed to this decrease is the gradual decline of the WannaCry ransomware which was one of the top verdicts in our statistics. Most probably, with systems getting patched, this uncontrolled worm gets fewer targets over time,” says Fedor Sinitsyn, Senior Malware Analyst at Kaspersky.  

While WannaCry is somehow waning in its assaults, Kaseprsky assures, however, that it is should not let SMBs put their guards down.

“Our industry has been unfaltering in our advanced research and resolute reporting of sophisticated attacks and we see its important contribution in the weakening of some ransomware campaigns. But we can never be complacent. Prolific attacks may always fly under our radar and we need to continue to watch out for them,” says Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky. 

“The spray and pray tactic of ransomware creators may be over but we are also observing the rise of the more dangerous targeted ransomware. It is good news that ransomware detections against SMBs in the region have become lesser in quantity, but the recent headline-grabbing incidents involving Maze ransomware and the recent WastedLocker attack which allegedly earned $10 million in one infection should be a clear reminder for all companies, however small, that we need to beef up our cybersecurity now more than ever against this costly threat,” Yeo adds.

In case your company has become a victim of a ransomware attack, Kaspersky recommends disconnecting the infected computer from any network and the internet and then isolate it. And never pay the ransom demanded by the cybercriminals.

In fact, the anti-cyberattack firm recommends that as in a real-life hostage situation, it’s best not to negotiate with cyber attackers. Paying the ransom is not a guarantee that the compromised data will be returned and yielding encourages this sort of crime. 

Kaspersky Southeast Asia is also giving a buy 1-year license get 1-year license for free promotion for its unparalleled endpoint solutions which include: 

Kaspersky Endpoint Security for Business

Kaspersky Endpoint Security for Cloud and Cloud Plus

Kaspersky Security for Microsoft Office 365

Kaspersky Hybrid Cloud Security. 

Aside from endpoint protection, Kaspersky also recommends the following: 

• Treat email attachments, or messages from people you don’t know, with caution. If in doubt, don’t open it.
• Do not expose remote desktop services (such as RDP) to public networks unless absolutely necessary and always use strong passwords for them.
• Back up data regularly. Make sure you can quickly access it in an emergency when needed.
• Always keep software updated on all the devices you use. To prevent ransomware from exploiting vulnerabilities, use tools that can automatically detect vulnerabilities and download and install patches.
• To protect the corporate environment, educate your employees. Dedicated training courses can help, such as the ones provided in the Kaspersky Automated Security Awareness Platform.
• Carry out regular security audits of your corporate network for anomalies.
• Don’t overlook less obvious targets, such as queue management systems, POS terminals, and even vending machines, and ensure that you use a security solution designed for embedded systems 

Author: slickmaster | © 2020 The SlickMaster's Files