Kaspersky warns of growing phishing, scams, data breaches, and APT attacks in APAC. (Source – Kaspersky).

Kaspersky foresees rise in phishing, scams, data breaches, and APT attacks in APAC for 2024

  • Kaspersky predicts increased cyberthreats in APAC for 2024, focusing on phishing and political attacks.
  • Escalating cyberthreats, with scams in Southeast Asia and DDoS attacks in Singapore.
  • APAC faces telecom fraud in China, loan app scams in India, and election threats in South Korea.

Fueled by the Asia Pacific’s (APAC) rapid digitalization and existing geopolitical tensions, Kaspersky’s experts forecast the cybersecurity threats likely to impact the region this year.

Kaspersky highlights the ongoing risks of phishing, scams, data breaches, and politically driven cyberattacks, which are expected to continue affecting both organizations and individuals in the region.

Vitaly Kamluk, the head of the Research Center for Asia Pacific at Kaspersky’s Global Research and Analysis Team (GReAT), notes the exponential growth of APAC’s digital economy, projecting its continued expansion over the next five years. The region’s increasing embrace of digital technologies, including digital payments, superapps, IoT, smart cities, and emerging generative AI, underscores the critical importance of cybersecurity in safeguarding the region’s digital infrastructure from potential cyberthreats.

Kamluk observes that cyber-espionage remains the primary goal of Asian advanced persistent threat (APT) groups, a trend he expects to persist in 2024 due to ongoing geopolitical frictions.

Kaspersky’s GReAT team has also made vital cyberthreat predictions for 2024, focusing on major countries and territories within APAC.

Expanding cyberthreats in Southeast Asia

In Southeast Asia, the proliferation of scams poses a significant challenge. The UN reports that hundreds of thousands of people have been recruited for online scam operations like romance-investment scams, crypto-fraud, money laundering, and illegal gambling.

These recruits are often lured through seemingly legitimate job adverts for roles like programmers and marketers. The complexity of these scams in Southeast Asia is exacerbated by widespread digital payment adoption, limited online user protections, and the sheer number of people involved in these criminal activities.

Kamluk highlights the efforts of law enforcement in tackling these scams and phishing attacks, citing successful operations in 2023, including a collaborative effort by the Australian Federal Police, the FBI, and the Malaysian Police, which led to several arrests. However, he predicts a continued rise in these online scams and phishing attacks across Southeast Asia due to widespread technical and legal illiteracy.

In Singapore, 2023’s significant technological security incidents revolved around data breaches and service outages. DBS bank experienced a significant operational failure in October 2023 due to a data center outage, affecting millions of transactions. While not attributed to a cyberattack, this incident and similar outages highlight the need for enhanced service reliability and security. Similarly, Citibank faced operational issues, underscoring the importance of infrastructure resilience amid ongoing changes that present opportunities for cyberattackers.

DBS bank experienced a significant operational failure due to a data center outage. (Source – X).

Singapore also faced web service disruptions in several public hospitals and polyclinics due to a DDoS attack. The attack flooded servers with traffic, preventing access to online services. While the attack didn’t compromise data or internal networks, it revealed a vulnerability to DDoS threats. Several Singaporean websites were defaced for political motives in late 2023, targeting various entities, including a historical temple and a tourism agency.

Kamluk predicts that Singapore will likely continue to face threats such as denial-of-service attacks, politically motivated compromises, defacements, and data leaks in the future. He also warns of the ongoing threat of targeted ransomware, which could involve pressuring victims through regulatory complaints.

In China, efforts to combat telecom fraud have intensified, with the government seeking international cooperation to address this issue. This crackdown may lead to a decline in telecom fraud activity, particularly from groups operating in northern Myanmar. However, Kaspersky researchers have observed a surge in phishing attacks targeting Chinese citizens, focusing on stealing credit card information via QR code scams. These attacks show no signs of abating and are expected to peak again towards the end of the year and early next year.

APT attacks against high-profile targets in China are also on the rise. Reports of cyberattacks on various national institutions and organizations have surfaced, with spyware artifacts like ‘Second Date’ being identified.

These cyber-espionage tools allow full control over network devices and prolonged data theft, with targets including a university involved in military-industrial projects and government departments handling geographic data. Additionally, active APT organizations have been observed launching attacks against Chinese nuclear energy companies and other unspecified targets. Given China’s geopolitical significance, an increase in APT attacks targeting the country is expected.

India and South Korea: emerging cybersecurity challenges

In India, the popularity of micro-loan apps has led to new schemes targeting users with inflated premiums and personal threats. The country’s move towards smart cities also raises significant security concerns due to IoT vulnerabilities.

South Korea is set to experience increased cybersecurity threats in 2024, coinciding with a significant general election. Historical patterns suggest that such political events attract cybercriminals aiming to disrupt proceedings through sophisticated social engineering and direct attacks. Customized cyberthreats tailored to South Korea’s local IT environment have been persistent, with state-sponsored actors exploiting vulnerabilities in widely used software solutions.

As 2024 approaches, these tailored threats are expected to continue, posing ongoing challenges for South Korea’s cybersecurity.

Kamluk emphasizes the need for vigilance and preparedness across the APAC region, as these diverse and evolving cyberthreats pose significant risks to organizations and individuals alike.

Predictions and recommendations from Kaspersky for 2024

For APAC organizations, Kaspersky suggests the following measures to safeguard against anticipated cyberthreats in 2024:

  • Ensure all devices are consistently updated with the latest software versions to block attackers from exploiting network vulnerabilities.
  • Implement robust passwords for accessing corporate systems and adopt multi-factor authentication for remote service access.
  • Opt for a reliable endpoint security solution that includes behavior-based detection and anomaly controls, offering robust defense against known and emerging threats.
  • Employ a comprehensive suite of endpoint protection tools, along with threat detection and response solutions, to quickly identify and neutralize even the most elusive new threats.

As APAC continues to embrace digital transformation, the region faces a complex and evolving cybersecurity landscape. From phishing and scams to politically motivated attacks, Kaspersky warns that organizations and individuals across APAC must prioritize robust cybersecurity strategies to safeguard their digital infrastructures and maintain resilience in the face of these challenges in 2024.