Check Point Research: Asia Pacific experiencing a 168% year on year increase in cyberattacks in May 2021
- Check Point Research (CPR) has revealed a staggering 168% year on year increase in the number of cyberattacks in Asia Pacific (APAC) when compared to May 2020.
- Between April and May 2021, APAC saw a 53% increase in cyberattacks.
- The malware types which showed the largest increase in APAC are ransomware and Remote Access Trojans (RATs), both of which increased by 26% in May 2021 compared to earlier this year. Banking trojans and infostealers also showed a 10% increase.
In recent months, the Asia Pacific (APAC) region has seen an increase in the number of cyberattacks. Most recently in Japan, Omiai, the country’s most popular dating app, experienced a server hack which exposed the data of over 1.7 million people, including images of driving licenses and passports users submitted to verify their age. Over in India, the data of customers of Domino’s India have been found on the Darknet following a cyberattack which exposed the data of 180 million users earlier this year.
Check Point Research (CPR) noticed this trend of cyberattacks happening in the region, and decided to investigate, specifically:
- If there was an increase in cyberattacks in APAC when compared to the previous months, as well as the same period last year.
- Malware types which attackers favored
- Which countries were most impacted
- Which industries were most impacted
Researchers discovered that there has indeed been a whopping 168% increase year on year in the number of cyberattacks in May 2021 in APAC. In addition, between April and May 2021, there was a 53% increase in cyberattacks. Currently, an organization in APAC suffers from 1,245 weekly attacks.
The malware types which showed the largest increase in APAC are ransomware and Remote Access Trojans (RATs), both of which increased by 26% in May 2021 compared to earlier this year, followed by banking trojans and infostealers, which showed a 10% increase.
Percentage increase in cyberattacks in May compared to previous months in 2021 by country
The top 5 countries which have seen the largest increase in cyberattacks are Japan (40%), Singapore (30%), Indonesia (25%), Malaysia (22%) and Taiwan (17%).
|Country||Percentage difference between May and previous months in 2021||Average weekly attacks in May|
Figure 1: Percentage difference in number of cyberattacks in May compared to previous months in 2021 by country
Why is APAC a popular target for attackers?
The recent new wave of work from home initiatives being imposed by various authorities in APAC means more security gaps are now available for attackers to leverage. Also, when looking at the popularity of APAC as a target for attackers, it is important to consider the snowball effect. The more successful attacks take place in the region, the more other attackers would want to follow suit, especially since they know they have a higher chance of succeeding in the attack.
The pandemic has also impacted the economic landscape, having reduced the growth of leading Asian economies. According to the World Bank, on top of the impact of local lockdowns, countries in APAC took a significant hit in global economic activities, with Southeast Asia being most affected. Hard times like this naturally push people to crime, and cyberattacks are just another form of crime.
Percentage increase in cyberattacks in May compared to previous months in 2021 by industry
The top 3 industries which have seen the largest increase in cyberattacks are Utilities (39%), ISP/MSP (12%), and software vendors (6%).
|Industry||Percentage difference between May and previous months in 2021||Average weekly number of attacks in May 2021|
Figure 2: Percentage difference in number of cyberattacks in May compared to previous months in 2021 by industry
Tips for Organizations
The next attack can be prevented if organizations change their view on security, and follow a few principles.
- Maintain security hygiene: Make sure up-to-date security patches are maintained across all systems and software. Networks should be segmented, applying strong firewall and IPS safeguards between the network segments in order to contain infections from propagating across the entire network.
- Principle of Least Privilege: User and software privileges should be kept to a minimum – is there really a need for all users to have local admin rights on their PCs?
- Adopt a prevention approach: Not only can attacks be blocked, but they can be prevented, including zero-day attacks and unknown malware. With the right technologies in place, the majority of attacks, even the most advanced ones, can be prevented without disrupting the normal business flow.
- Cover all attack vectors including networks, mobile, cloud, endpoints, IoT
- Keep your threat intelligence up to date: Keep your business up and running with comprehensive intelligence to proactively stop threats. Manage security services to monitor your network and incident response to quickly respond to and resolve attacks.
Staying safe online – tips for consumers
- Check the full email address on any message you receive and be alert to hyperlinks that may contain misspellings of the actual domain name.
- Verify you are using a URL from an authentic website: One way to do this is not to click on links in emails, and instead click on the link from the Google results page after searching for it.
- Beware of lookalike domains: spelling errors in emails or websites, and unfamiliar email senders.
- Protect mobile and endpoint browsing with advanced cyber security solutions, which prevent browsing to malicious phishing web sites, whether known or unknown
- Use two-factor authentication to verify any change to account information or wire instructions
- Never supply login credentials or personal information in response to a text or email.
- Regularly monitor financial accounts
- Keep all software and apps up to date.
Cyberattacks – tips for affected consumers
What happens when a company you are a customer of experiences a cyberattack and your personal information might be exposed? The following are some of the steps to take:
- Change all your passwords immediately. Be sure to use strong passwords. A password manager can help you with this.
- Enable two-factor authentication where available. This is essentially a 2-step verification process.
- If you believe your personal credentials, such as social security or driver’s license information, have been leaked, apply for a new one with a new number through your relevant local authorities.
- If your credit card details have been stolen, contact your bank to block your credit card and replace it with a new one.
- Be more vigilant when it comes to trusting links in emails and SMSes sent to you, especially if your email address or mobile number has been leaked. Scammers could use this for phishing attacks. In addition, be mindful about scam calls.
- Install security software on your devices to protect you from malware, prevent data theft and keep you safe while you visit sites and transact online.