How APAC organizations are leading the fight against malware

The Asia-Pacific (APAC) region has long been at the forefront of technological advancement and digital transformation. However, the relentless threat of malware looms larger than ever, necessitating robust strategies and measures for organizations to protect their systems and networks.

Malware – encompassing malicious software such as viruses, ransomware, spyware and other threats – poses a significant threat to the integrity and safety of sensitive data across the APAC region. The consequences of a successful malware attack can be severe, leading to financial losses, reputational damage and compromised customer trust.

Malware attacks – the threat to APAC

The evolving nature of malware and the sophisticated tactics employed by cybercriminals mean it is imperative for APAC organizations to implement comprehensive strategies that encompass preventive, detective and responsive measures. 

According to IBM Security’s X-Force Threat Intelligence Index 2023, Asia-Pacific was the most attacked area in 2022 – the second year in a row the region topped the charts – accounting for 31 percent of global incidents (a five percent increase on 2021).

IBM Security found Japan was by far the worst hit country in APAC, accounting for 91 percent of cases. The Philippines suffered five percent of the region’s attacks, with Australia, India and Vietnam each accounting for 1.5 percent. 

Backdoor attacks emerged as the most common modus operandi of cybercriminals targeting APAC, occurring in 31 percent of cases across the region. Ransomware ranks were second at 13 percent, while malicious documents (maldocs) claimed the third spot with 10 percent. 

Among the observed impacts of malware attacks, extortion topped the list with 28 percent, followed by significant implications for brand reputation at 22 percent, while data theft held the third position at 19 percent.

APAC malware attacks

The malware threat to organizations in the APAC region was underlined in February 2023 when cyber security firm Symantec uncovered a campaign targeting entities in Asia’s medical and shipping industries. 

The attackers – named ‘Hydrochasma’ by Symantec – used a range of phishing lure documents tailored to the victim organizations, with email subject lines carefully designed to be relevant to the target.

With the campaign dating back to October 2022, malware used by the Hydrochasma attackers includes commonly used tools such as Meterpreter, Procdump Sysinternals, BrowserGhost and Cobalt Strike.

According to Symantec, the lack of custom malware used in the campaign is notable as “publicly available tools can help make an attack stealthier, while also making attribution more difficult”.

APAC organizations fight back against malware

In the face of such malware threats and attacks, there are some notable examples of APAC organizations taking decisive action.

For example, in autumn 2022, Singapore Telecommunications (Singtel) suffered a double whammy when its Australian unit Optus was hit by two cyber attacks within weeks, compromising data of former and current employees, clients and millions of customers.

In response, Singtel CEO Yuen Kuan Moon immediately set aside A$140m to deal with the problem.  

“We want to make sure we focus on this at a group level,” he told CNBC, revealing that the funds would be used to set up an external independent review, provide a credit monitoring service for affected customers and replace identification documents where needed.

“We are working with federal and state government agencies to address concerns, to learn from this and to share the learnings with the business community and public to improve cyber awareness,” the CEO added.

Cyber security recruitment and training in APAC

Other APAC organizations are focusing on training and recruitment to address cyber security. For example, Japan-based tech giant Rakuten is focusing on developing cyber security professionals for the future. 

Under the guidance of Yoshinari Fukumoto, CISO Advisor and general manager of the cyber security defense department at Rakuten Group, the company has forged a partnership with the Tokyo Institute of Technology, resulting in an annual cyber security attack and defense intensive program based on practical cyber security knowledge from a real-world security team. 

The Rakuten cyber security defense department’s internship program also offers students the opportunity to explore cyber security as a career path. 
The focus on developing talent is timely, as demand for cyber security professionals in APAC is surging, according to the 2022 (ISC)2 cyber security Workforce Study. The report found that 71 percent of APAC respondents expected their cyber security staff to increase somewhat or significantly within the next 12 months. 

Organizations in APAC territories are also readying their existing staff for action against the threat of malware, as well as covering themselves for future breaches. A Statista survey on cyber security conducted among companies in the Asia-Pacific region in 2022 found that 68 percent of respondents favored regular training exercises as their primary measure to combat cyber incidents, while 52 percent of participants opted to purchase cyber insurance as a response measure. 

Protection against malware in APAC

Meanwhile, a number of tech giants are taking significant steps to help APAC companies address the need for greater cyber security. 

In 2022, IBM opened a new security command center in India to help Asia-Pacific organizations increase their cyber resilience. 

In the previous year, Microsoft announced a raft of new products and guidance to enhance security in hybrid work environments across APAC. 

Malware protection guidance in APAC

The need for APAC organizations to be vigilant against malware is clear. A recent report by the Cyber Security Agency of Singapore (CSA) noted an increase in phishing scam campaigns and ransomware.

The organisation’s guidance for guarding against such attacks includes:

• Ensuring appropriate security controls are implemented.
• Implementing network segmentation within the environment and limiting communications between different network zones.
• Enhancing monitoring and detection capabilities to identify anomalous activities.
• Mapping out dependencies between operations and business flows and developing appropriate contingency plans.

Similarly, the Australian Cyber Security Center offers organizations – including small businesses – comprehensive guidance on malware threats, as well as resources to report incidents and recover from them. 

Staying one step ahead of malware in APAC

By understanding the evolving malware threat, staying abreast of emerging technologies, and implementing proactive security measures, APAC organizations can fortify their cyber security and ensure a safer and more resilient digital future for the entire region.