Group-IB unveiled its annual Hi-Tech Crime Trends 2022/23 outlining the biggest threats faced by Governments, organizations and businesses across a diverse landscape. The High Tech Crime Trends also share forecasts on the biggest threats in 2023. A few highlights that disrupted organizations in the Asia Pacific include:-
Cyber Attacks in the APAC:
- Asia Pacific ranks third behind North America and Europe, according to the report. There were 322 attacks, with Australia, India, and China being the most targeted countries. The most active groups in the region were Lockbit, Conti, and Hive.
- A Unix rootkit called Caketap, attacked ATMs in Asia by incepting banking cards and PIN verification data from breached ATM switch servers. These stolen data are then used to facilitate unauthorized transactions.
APAC Emerges as Major Target for Nation-State Ransomware Attacks:
- Threat actors often use compromised VPN and RDP account credentials to access target company networks. In recent years, ransomware operators have increasingly purchased such access on the dark web. This allows them to bypass initial stages of an attack and find new victims faster.
- The market size for selling access to business networks on dark web forums has decreased to $6 million (down from $7 million in H2 2020 – H1 2021). The decrease is due to a drop in average price, coupled with an increase in the number of offers available.
- APAC ranks second to the US in terms of the number of access offers, with India the top country in the region for access offers.
- 322 attacks were conducted in the APAC region, amounting to 11% of all attacks worldwide.
Ransomware is still the number one threat in the world:
- Despite key threat actor forums banning searching for affiliates, the ransomware-as-a-service market (RaaS) continues to evolve. Group-IB discovered 20 new public affiliate RaaS programs.
- Ransomware groups are becoming increasingly similar to IT startups, with their own corporate structures, departments, incentive programs, and days off.
- Threat actors are using zero-day vulnerabilities and supply-chain attacks to infect victims.
Military operations are ongoing worldwide:
- Group-IB specialists discovered 19 new state-sponsored groups that specialize in cyber espionage.
- In 2022, China started publicly reporting attacks by state-sponsored hackers against its infrastructure.
- Most attacks against critical infrastructure are successful because basic security requirements (such as updating software in time and patching) are not followed.
Manufacturing and Real Estate Industries Most Affected by Ransomware Attacks in 2023:
- Several industries, including finance, manufacturing, information technology, energy, and telecommunications, will continue to face increasing dangers in 2023.
- Principally targeted by ransomware operators were the manufacturing and real estate sectors. These sectors accounted for almost twenty percent of ransomware outbreaks.