Cybercrime
,
Fraud Management & Cybercrime
,
Geo Focus: Asia
High-Growth Economy, Low Spending on Cybersecurity Put Asian Country in Crosshairs
Indonesia has faced the highest number of cyberattacks in the Southeast Asian region over the last six months, with an average of 3,300 cyberattacks per week. Analysts say Indonesia’s growing economy and low level of spending on cybersecurity make it a prime target for hackers.
See Also: OnDemand | Understanding Human Behavior: Tackling Retail’s ATO & Fraud Prevention Challenge
Cybersecurity company Check Point said the number of cyberattacks against Indonesian organizations far exceeded those faced by Southeast Asian counterparts in the past six months. Malaysia and Singapore experienced fewer than half of the attacks – 1,233 incidents per organization a year.
Analysis by global management consulting firm Kearney revealed that both Malaysia and Singapore are leading the rest of the region in terms of cybersecurity capacity building, awareness building, international cooperation, developing national cybersecurity policies, and having sector-specific focus. Indonesia is yet to establish robust cybersecurity policies to lead in these areas, but it is not alone.
“The region’s growing strategic relevance makes it a prime target for cyberattacks. Cyber resilience is generally low, and countries have varying levels of cyber readiness,” Kearney found. “Specifically, there is a lack of strategic mindset, policy preparedness and institutional oversight relating to cybersecurity.”
The firm said the ASEAN region’s cybersecurity industry lacks homegrown capabilities and expertise, and the absence of a unifying framework leads to an underestimation of value at risk, resulting in significant underinvestment. Kearney said Indonesia’s cybersecurity spending as a percentage of GDP is the lowest in Southeast Asia at 0.02%.
Check Point’s latest telemetry data shared with Information Security Media Group places Indonesia as Southeast Asia’s hotspot for cryptomining, botnet, mobile malware and infostealer attacks. XMRig, a legitimate open source cryptomining tool, is increasingly being used for malicious purposes. Attacks involving XMRig accounted for 20% of all attacks targeting Indonesian organizations.
Botnet attacks also accounted for 18.8% of all attacks on Indonesian businesses in the last six months, with the Glupteba botnet gaining prominence again following a takedown by Google in 2021. According to Check Point, Glupteba features a variety of capabilities such as stealing credentials, exploiting router vulnerabilities, and mining cryptocurrency. “Glupteba’s use of bitcoin records improves its resilience against takedowns, since the blockchain transactions cannot be deleted but remain exposed for public inspection,” the firm said.
According to Check Point’s analysis, cybercriminals also used the Ramnit banking Trojan in close to 10% of attacks on Indonesian businesses in the past six months. First discovered in 2010, the banking Trojan steals web session information, giving its operators the ability to steal credentials for bank accounts and social network accounts.
Another growing cybersecurity threat for Indonesian businesses is the rising use of infostealer malware, particularly AgentTesla and Formbook, which accounted for 55% of all infostealer attacks in the Asia-Pacific in 2022. Infostealer attacks on Indonesian organizations in the past six months accounted for 16.9 percent of all attacks, with AgentTesla and Formbook used in most of the attacks.
Threat intelligence company Cyble also called Indonesia one of Southeast Asia’s highest-targeted nations.
“Indonesia is one of the primary targets for cybercriminals and has been the victim of a series of high-profile data breaches in the past months. Reports suggest that Indonesia suffered over 11 million cyberattacks in the first quarter of 2022, a 22% increase from last year,” Cyble said.