KUALA LUMPUR (May 25): Asia Pacific (APAC) region remains as one of the top targets for Ransomware 2.0 attacks globally in 2020, with increasing Ransomware Evil (REvil) and JSWorm attacks, says global cybersecurity company, Kaspersky.
Its lead malware analyst, Alexey Shulmin, said out of 1,764 Kaspersky users targeted by the REvil group, 635 were companies and individuals from the APAC region.
“Vietnam, mainland China and India were the top three most attacked countries in the APAC region, followed by Indonesia and Korea.
“Other countries in the top 10 REvil attacks in APAC include Japan, Thailand, the Philippines, Malaysia, and Australia,” he said in a webinar entitled ‘Emergence of Ransomware 2.0 in the APAC region’, today.
Shulmin said REvil attacks in the APAC region have increased significantly beginning July 2020 with 290 registered users being attacked in the month as compared to only four users attacked in the previous month.
“Our telemetry also showed the group has actively spread their malicious arms from the APAC region to the world and since 2019, most of the victims were from APAC countries, namely Taiwan, Hong Kong and South Korea,” he said.
According to Shulmin, the biggest industries targeted by the REvil attackers were the engineering and manufacturing sectors, comprising 30% of the attacks.
“This is followed by the financing sector (14%), professional and consumer services (9%), legal, information technology (IT) and telecommunications (7%), as well as food and beverages (7%),” he added.
In the meantime, Shulmin said the number of JSWorm victims was relatively lower in 2020, but attacks had increased 752% as compared to 2019.
“In March 2020, we have successfully blocked attempts against 230 users globally – a significant increase from 27 users in 2019,” he added.
Shulmin noted that mainland China was the top target for the JSWorm attack in the APAC region, while Malaysia is in the seventh spot behind Indonesia and Hong Kong.
“Engineering and manufacturing were the top sectors affected by the JSWorm attack, followed by energy and utilities, financing, and professional and consumer services,” he added.
