Ransomware Gangs Pummel Southeast Asia

September 9, 2024

While 75% of the global ransomware attacktrade currently targets North America and Europe, there are signs pointing to arising interest in Southeast Asia, and analysts predict that interest willcontinue to rise. Telemetry data provided by Trend Micro indicates thatransomware is a growth sector in southeast Asia, outpacing the rate ofransomware growth in European nations. This continues a trend from 2023, wherethe number of publicly reported ransomware attacks rose by 85% in Asia. Thisyear we have observed powerful cyberattacks such as the takedown of multiplegovernment agencies in Indonesia by the Brain Cipher gang, a ransomware-basedlockdown of a major securities brokerage in Vietnam, and the spreading ofmalicious PyPI packages in Japan, and we are likely to see more before the yearends.

 

The Asia-Pacific region is also a hotbed of cybercrime activity. North Korea, of course, is notorious for using cybercrime as a source of funding, stealing vast quantities of cryptocurrency and extorting sums in ransomware. Criminal syndicates across the region, many of them based in China, operate fraud centers in Cambodia, Laos, and Myanmar, where individuals are trapped and forced to perform industrial scale fraud, notably the well known pig butchering schemes.

 

How to mitigate this rising tide? Analysts suggest the growing focus on the region is opportunistic: growing economies that need to rapidly digitize in order to meet rising demand often do not make cybersecurity a priority, leading to networks riddled with misconfigurations and vulnerabilities that are easy for attackers to exploit. Rectifying this is the responsibility both of the individual businesses involved and of the national governments of the region. Several are already updating their regulations to address these problems. In May, Singapore updates the terms of its Cybersecurity Act to address its reliance on third party cloud services, and in April Malaysia passed new legislation that required new licensing standards for its cybersecurity service providers. Other countries in the APAC region should consider following their example.

More from Blackwired

September 10, 2025

Stealthy attack serves poisoned web pages only to AI agents

New AI browser attack targets agents via hidden prompts, exploiting unique agent fingerprints to deliver invisible malicious code.

Read more
September 3, 2025

First AI-Powered Ransomware Created Using OpenAI's gpt-oss:20b Model

PromptLock is an AI-powered ransomware PoC using LLMs to generate dynamic, hard-to-detect, cross-platform attacks.

Read more
August 27, 2025

Chinese Hackers Silk Typhoon Escalate Cloud and Telecom Espionage

Silk Typhoon targets cloud via zero-days, supply chains, and trusted ties; monitor edge, patch fast to detect and defend.

Read more

© 2024 Blackwired. All Rights Reserved.