Southeast Asia’s geographic location and resources make it a financial and technology hub for the region. With the growing digital economy and varying levels of cybersecurity infrastructure among member states, the region remains a hotbed for ransomware attacks, with large organizations and small and medium-sized enterprises (SMEs) continuing to be targeted by cybercriminals.
Large organizations and small and medium enterprises (SMEs) continue to be targets of cybercrime
“Overall, cybercriminals, including ransomware groups, are targeting critical infrastructure and vulnerable industries such as finance, public services, manufacturing and healthcare. Notably, many attackers are targeting large financial targets,” said Adrian Hia, Managing Director for Asia Pacific at Kaspersky.
Indonesia was the most attacked country in Southeast Asia by ransomware, with 32,803 incidents blocked by Kaspersky, according to the report. It was followed by the Philippines with 15,208 ransomware attacks and Thailand with 4,841 cases. Malaysia ranked fourth with 3,920 malicious attacks, followed by Vietnam with 692 and Singapore with 107 attacks.
“A ransomware attack can have a devastating impact both financially and reputationally,” Hia added. “Organizations have to expend significant resources to deal with the aftermath, while also facing costly disruptions and downtime, and then having to spend additional time restoring systems. No organization wants to be in such a situation, especially critical infrastructure and service providers.”
To protect businesses from ransomware attacks, Kaspersky experts make the following recommendations:
- Always keep software up to date on all devices to prevent attackers from exploiting vulnerabilities and breaking into your organization's network.
- Install VPN solutions immediately so that employees can access remotely, this measure acts as a "shield" to protect the network for the business.
- Back up your data regularly and securely so you can quickly access it when needed or in an emergency.
- Avoid downloading and installing pirated, unknown or unverified software.
- Assess and audit the supply chain and management service access to the enterprise system. For this, enterprises should use the penetration assessment service to detect risks provided by Kaspersky.
- Do not expose remote desktop management/control services (such as RDP, MSSQL...) to the public network unless absolutely necessary. Always use strong passwords, two-factor authentication, and firewalls to secure these services.
- Monitor network access and activity to detect unusual activity and limit user access based on real-world needs to minimize the risk of unauthorized access and data leakage.
- Set up a Security Operations Center (SOC) using a security information and event management (SIEM) solution such as Kaspersky Unified Monitoring and Analysis Platform - a unified dashboard for monitoring and analyzing cybersecurity incidents. Businesses can also use Kaspersky Next XDR Expert - a powerful cybersecurity solution that helps protect businesses against complex cyber threats.
- Stay up to date with the latest Threat Intelligence to gain insight into cyber threats targeting your organization, providing your InfoSec team with the latest information on potential threat actors and the tactics, techniques, and procedures (TTPs) they employ.
Source: https://thanhnien.vn/cac-cuoc-tan-cong-ransomware-tiep-tuc-nham-vao-nhieu-to-chuc-tai-dong-nam-a-185241123224036564.htm
![[Photo] Prime Minister Pham Minh Chinh attends the event "Digital transformation of the banking industry by 2025"](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/5/29/0e34cc7261d74e26b7f87cadff763eae)
![[Photo] Prime Minister Pham Minh Chinh receives leaders of Excelerate Energy Group](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/5/29/c1fbe073230443d0a5aae0bc264d07fe)
Comment (0)