Asia Under Ransomware Fire
Asia Under Ransomware Fire – Despite the Covid-19 pandemic, the Asian continent continued to experience healthy economic growth in 2020. According to the IMF (International Monetary Fund), Cambodia grew by 4.2% and is expected to grow by 6% next year.
Six other ASEAN countries will develop faster than Cambodia: the Philippines (6.9%), Malaysia and Vietnam (6.5%), Singapore (5.2%), Laos (4.6%) and Indonesia (4.3%). Such rates would make many Western countries green with envy; however, they originate in the context of major technological transformation, driven by key regional players such as China, South Korea and Japan. But digital transformation also means the volume of constantly moving data is increasing rapidly.
Yet the continent is facing another pandemic – ransomware. The Group-IB research firm indicates in a report that the APAC zone was a main target between June 2019 and June 2020 (1). According to the same report, attacks in the Asian zone represent 7% of all ransomware / APT attacks.
The most frequently attacked countries are India and China, mainly by the Maze and REvil worms, which together account for half of all attacks. Next are Ryuk, Netwalker and DoppelPaymer. The attacks are carried out mainly by compromised remote accesses of workstations. 47% of successful compromises used RDP (Remote Desktop Protocol) present on Windows workstations (2). 17% went through misconfigured VPNs or other types of remote access.
These attacks are regularly associated with data theft that precedes the launch of the encryption of the machines to allow a system of double extortion. Extortion of funds to recover the encryption key, then ransom to prevent the data from being disclosed on the “Dark Web” or the data being sold to other criminal groups.
A strengthening of the regulations in force
The countries in the APAC area are also extremely cautious about respecting data privacy or data that might concern national security. Australia has established a data leakage disclosure law since 2018 combining with other federal laws around data privacy.
The agency in charge of overseeing this procedure reviews an average of 67 breaches per month. In Japan, the APPI law on privacy protection was strengthened by an amendment in 2017. The Japanese government and the European Commission have been working together to implement fair exchanges of personal data between the two regions and the Japanese system is very similar to the European GDPR.
China imposes the storage of data on Chinese soil and the Chinese government assumes the right to control the measures put in place to secure companies’ networks. In South Korea, the penalties for data leaks were increased in 2016 and can be as high as 3% of a company’s revenue for serious breaches. India, Malaysia, Hong Kong, Thailand and the Philippines also have their own data protection regulations (3).
While these measures are there to strengthen confidence in digital, the impacts of the attacks are not without consequences for Asian companies. With the increasing number of attacks, governments in the region can only encourage or force companies to better protect their data and therefore strengthen the measures already in place.
The last barrier against cybercrime
While backup solutions do not prevent data leaks, they do prevent the risk of data encryption and protect data on remote desktops and laptops, which are on the increase due to the growing use of teleworking. Data backup is the last line of defense, including for incidents and malicious acts. A laptop is stolen every 53 seconds and 57% of thefts occur in the workplace. The total cost of losing a laptop is estimated at €42,000.
Atempo’s Lina, labeled ‘As used by French Armed Forces’ and ‘France Cybersecurity’, is a solution that protects corporate desktops, laptops and file servers, even if these devices are on networks with low bandwidths. The solution allows remote workers to be autonomous and restore the files or data they require to perform their work. And who has never inadvertently deleted a useful file?
This restoration is simplified by a search function on the backups as well as the conservation of previous versions by a simple internet access from a browser. Moreover, Lina allows us to restore a whole machine: system and data.
The backup is realized continuously and incrementally in order to minimize the data loss which is also deduplicated to optimize the network resources and the stored volumes. Bare Metal Restore and continuous data protection are weapons to avoid the worst ransomware scenarios and avoid significant financial consequences.
Learn more about Lina here!
Asia Under Ransomware Fire