Most SEA business execs expect ransomware attacks but undermines its threat

0
76

Kaspersky’s recent study reveals the majority of business executives in Southeast Asia (SEA) do anticipate data theft, APT, and other ransomware attacks. However, it also showed that over half believe such a thing happening against their business only has a little possibility. 

The study “How business executives perceive ransomware threat” surveyed 100 executives from SEA, conducted last April. Positively, most of these executives are concerned about the sophisticated risks online, with Data theft, alongside Advanced Persistent Threat (APT) attacks and ransomware infections being at the top of their list.

“Assessment of the possibility of these attacks against your organizations” survey (source: Kaspersky)

And yet, most respondents (almost 7 in every 10) anticipating a ransomware attack believed that “the possibility of my organization being exposed to a ransomware attack is too small to worry about.” 

A majority (81%) of the surveyed non-IT executives in SEA also trust that the security measures they have in place are enough to protect them from a ransomware attempt.

“At first glance, it is good to see that the business executives here are confident about their security posture to defend their organizations against damaging online attacks such as ransomware. We should, however, be careful about not letting confidence breed complacency because the reality is a ransomware attack is not something too small for enterprises to be worried about,” commented Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.

“Even though 72% of our respondents from SEA believe that ransomware attacks are being shown as a bigger threat than they actually are by the media, this type of threat is actually evolving and is transforming into a bigger menace that our security systems and IT staffs should be ready for.”

Since 2020, Kaspersky experts have been warning about “Ransomware 2.0”. Almost always a “targeted ransomware,” Ransomware 2.0 refers to cybercriminal groups who moved from hostaging data to exfiltrating data coupled with blackmailing. The aftermaths of a successful attack include significant monetary loss and damaging reputation loss. This goes beyond kidnapping a company’s or an organization’s data, as the groups are utilizing the increasingly valued digital reputation to force their prey to pay a hefty ransom.

To help organizations protect their systems from ransomware and other sophisticated attacks, Kaspersky experts recommend the following:

  • Always keep up-to-date copies of your files so you can replace them in case they are lost (e.g., due to malware or a broken device). These should be stored not only on a physical device but also in cloud storage for greater reliability. Make sure you can quickly access your backups in an emergency.
  • Keep your OS and software patched and up to date.
  • Train all employees on cybersecurity best practices while they work remotely. 
  • Only use secure technologies for remote connection.
  • Carry out a security assessment on your network.
  • Enterprise companies are recommended to use anti-APT and EDR solutions, enabling capabilities for advanced threat discovery and detection, investigation, and timely remediation of incidents, as well as having access to the latest threat intelligence. An MDR provider could help to effectively hunt any advanced ransomware attack. All of the above is available within Kaspersky Expert Security.
  • Follow the latest trends via premium threat intelligence subscriptions, like Kaspersky APT Intelligence Service.
  • Know your enemy: identify new undetected malware on premises with Kaspersky Threat Attribution Engine.
  • If you become a victim, never pay the ransom. It won’t guarantee you get your data back but will encourage criminals to continue their business. Instead, report the incident to your local law enforcement agency. Try to find a decryptor on the internet – you can find some of these available at nomoreransom.org.
  • Never follow the demands of the criminals. Do not fight alone – contact Law Enforcement, CERT, and security vendors like Kaspersky.  

For companies looking to improve the expertise of their in-house digital forensics and incident response teams, as well as for IT security practitioners looking to upgrade relevant skills, Kaspersky has also expanded its online expert training portfolio

The Windows Incident Response training was developed by experts from the company’s Global Emergency Response Team (GERT) with more than 12 years of experience in the field. 

The self-guided training course includes 40 video lessons and 100 hours of virtual lab time for hands-on learning. The estimated training duration is 15 hours, but participants will have six months of access to the platform to finish the training.

You can read more about the Windows Incident Response course here.