Ransomware Gangs Pummel Southeast Asia

September 9, 2024

While 75% of the global ransomware attack trade currently targets North America and Europe, there are signs pointing to a rising interest in Southeast Asia, and analysts predict that interest will continue to rise. Telemetry data provided by Trend Micro indicates that ransomware is a growth sector in Southeast Asia, outpacing the rate of ransomware growth in European nations. This continues a trend from 2023, when the number of publicly reported ransomware attacks rose by 85% in Asia. This year we have observed powerful cyberattacks such as the takedown of multiple government agencies in Indonesia by the Brain Cipher gang, a ransomware-based lockdown of a major securities brokerage in Vietnam, and the spreading of malicious PyPI packages in Japan, and we are likely to see more before the year ends.

 

The Asia-Pacific region is also a hotbed of cybercrime activity. North Korea, of course, is notorious for using cybercrime as a source of funding, stealing vast quantities of cryptocurrency and extorting sums through ransomware. Criminal syndicates across the region, many of them based in China, operate fraud centers in Cambodia, Laos, and Myanmar, where individuals are trapped and forced to perform industrial-scale fraud, notably the well-known pig butchering schemes.

 

How to mitigate this rising tide? Analysts suggest the growing focus on the region is opportunistic: growing economies that need to digitize rapidly to meet rising demand often do not make cybersecurity a priority, leading to networks riddled with misconfigurations and vulnerabilities that are easy for attackers to exploit. Rectifying this is the responsibility both of the individual businesses involved and of the national governments of the region. Several are already updating their regulations to address these problems. In May, Singapore updated the terms of its Cybersecurity Act to address its reliance on third-party cloud services, and in April Malaysia passed new legislation that required new licensing standards for its cybersecurity service providers. Other countries in the APAC region should consider following their example.
