A report by INTERPOL on cybercrime in Southeast Asia has highlighted the key emerging cybercrime trends and threats which continues to be faced by the region today. Threat actors continued to improve their cyberweapons, adopted new attack methods, and tailored their attacks to emerging technologies.
Belonging to one of the fastest-growing digital economies in the world, member countries in the ASEAN region experienced a significant amount of cybercrime, ranging from massive data breaches, crippling ransomware attacks and the meteoric rise in cryptojacking.
The report has identified the following as some of the prominent cyberthreats in 2019:
- Botnets. In the first half of 2019, there was an increase in botnet detections and hosting of Command and Control servers in the ASEAN region, which accounted for 7 per cent of botnet detections and 1.8 per cent of Command and Control servers worldwide. The majority of botnets still target the financial sector and its customers, with the aim of gaining remote access to victims’ computers – either to steal personal data such as banking credentials or to install and spread other malicious malwares.
- Phishing campaign increasing in both quantity and sophistication, using a more advanced exploitation of social engineering techniques worldwide with e-mail remaining the top vector for phishing (96 per cent).
- Business email compromise (BEC) campaigns have proven to be low-cost, low-risk but high-rate of return to cybercriminals. ASEAN countries faced a growing number of BEC attacks, at more than 5 per cent of the global BEC attacks. In the first half of 2019, Singapore and Malaysia recorded the highest BEC attacks (54 per cent and 20 per cent of the total attacks in the ASEAN region, respectively).
- Banking malware. The first half of 2019 saw a 50 per cent increase in attacks compared to 2018. The shift of prominent malware families, such as the Emotet16 banking Trojan, from banking credential theft to the distribution business, marks a significant phenomenon observed in 2019.
- Ransomware continues to grow and morph due to the increasing popularity of cryptocurrencies. After the shift to crypto-ransomware, ransomware continued to evolve, adding features such as countdown timers, ransom amounts that increase over time, and infection routines that enable it to spread across networks and servers. Cerber, as an evolved ransomware technology, topped the number of detected ransomwares in ASEAN countries. WannaCry, which ranks second in the ASEAN region but first globally, remains a threat following its rapid propagation in 2017.
- Cryptojacking emerged as a new threat, with the growing use of cryptocurrencies and the ability to harness the computer power of unknown users’ systems to perform cryptojacking, putting businesses and individual users across the globe are at risk.