Southeast Asia businesses battle more than 24M on-device threats in H1 2024

Overall, organisations in Vietnam and Indonesia experienced the most number of local threat incidents, logging 10,531,086 and 7,954,823 respectively. Thailand and Malaysia came behind them in third and fourth with 2,650,007 and 1,965,270. Singapore had the lowest number of on-device threats with 501,148 while the Philippines faced 687,567 cases.

The statistics are produced by Kaspersky Security Solutions scans of files on the hard drive at the moment they were created or accessed, as well as the results of scanning removable storage media.

“The increasing digitisation of financial systems, e-commerce, and other industries has increased the number of internet users and expanded the attack surface for cybercriminals. In addition to that, the lack of awareness of best practices and varying levels of security protection also contributed to businesses facing a high number of threats and attacks,” says Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.

“Protection against attacks coming from removable devices or non-open form files requires robust security solutions capable of treating infected objects and further enhanced with a firewall, anti-rootkit functionality and control over removable devices. Perform regular computer scans for viruses and malware to prevent spread,” Yeo adds. 

For overall protection, Kaspersky recommends the following:
1.    Always keep software updated on all the devices to prevent attackers from exploiting vulnerabilities and infiltrating the organisation’s network. 

2.    Back up data regularly and ensure they can be accessed quickly when needed or in an emergency.

3.    Avoid downloading and installing pirated software or software from unknown sources.

4.    Assess and audit your supply chain and managed services access to your environment. Kaspersky offers compromise assessment services.

5.    Monitor access and activity by having visibility over the network to spot any unusual activity, and controlling user access on an as-needed, and as-required basis to minimise risks of unauthorised access and data leak. 

6.    Set up a security operation centre (SOC) using an SIEM (security information and event management) tool like Kaspersky Unified Monitoring and Analysis Platform, a unified console for monitoring and analysing information security incidents, and solutions such as Kaspersky Next XDR Expert, a robust cybersecurity solution that defends against sophisticated cyber threats.

7.    Use the latest Threat Intelligence information to have in-depth visibility into cyber threats targeting your organisation and provide your InfoSec professionals with the most comprehensive and up-to-date information regarding potential malicious actors and their TTPs.

8.    Educate employees and improve their cybersecurity literacy through tools such as Kaspersky Automated Security Awareness Platform - Employees should be aware of the risks of cybersecurity threats and how to protect themselves and their organisations from them.

9.    If your company does not have a dedicated IT security function and only has generalist IT admins who may lack the specialist skills required for expert-level detection and response solutions, consider subscribing to a managed service such as Kaspersky MDR. This would instantly boost your security capabilities by an order of magnitude while allowing you to focus on building in-house expertise.

10.    For the protection of very small businesses, use solutions intended to help you manage your cybersecurity even without having an IT administrator on board. Kaspersky Small Office Security provides you with hands-off security due to 'install and forget' protection and saves the budget which is crucial, particularly in the early stages of business development.