Kaspersky releases five key cybersecurity trends to watch out in the Asia Pacific
More mobile threats
The growth in threat actors targeting mobile devices will continue to grow, mostly in line with the growth in mobile device use. Compromising mobile platforms will continue as mobile exploits become a commodity and the price for it goes down.
“Mobile users in the Asia-Pacific remain vulnerable to social-engineering which is up to this time one of the most common attack vectors. Common users are often tricked by online scams, automated dialers, sextortion attempts, and free online services offering free streaming video, which often come with hidden in-browser cryptocurrency miner,” said Vitaly Kamluk, Director for Global Research and Analysis Team (GReAT) Asia Pacific at Kaspersky.
New techniques and new platforms
In 2019, Kaspersky researchers have seen Advanced Persistent Threats (APT) actors active in this region taking on new techniques and approaches such as using steganography by Ocean Lotus or Developing malware in Nim programming language by Zebrocy or using malicious LNK files by HoneyMyte.
Researchers have also seen Ocean Lotus with their new iOS malware in 2019. This threat actor has been actively adopting new techniques, which are aimed to complicate malware analysis.
More attacks targeting countries involved in “Belt and Road Initiative (BRI)”
Kaspersky also saw last year at least a few threat actors targeting countries in the region involved in “BRI” such as Ocean Lotus, Lucky Mouse, and HoneyMyte and with more advancements in different aspects of this initiative, it’s likely to see more attacks motivated by it.
BRI is a programme which aims to connect China to the world. Announced in 2019, the project aims to link the country to three continents --- Asia, Africa, and Europe --- through interlinked land and maritime networks. The end goal is to ramp up trade and economic growth and to boost regional integration.
Supply chain attacks remain one of the largest threats
In 2019, researchers from Kaspersky have also discovered and announced a breach of several software supply chain companies in Asia. Threat actor known as ShadowPad/ShadowHammer is believed to be responsible for this sort of attacks.
It is also worth noting that a survey conducted by Kaspersky showed that successful supply chain attacks can cost as much as $2.57m on average.
Given that this group has been active in the past several years doing similar attacks on a lower scale, we expect this actor to continue, and also other groups to move into this segment. Kaspersky expects to see more reports of software supply chain companies being compromised.
Olympic Games in Japan
It has almost become a tradition to run politically motivated attacks during the Olympic Games. With high political tension in many regions of the world, we shall expect one or even several independent attacks to happen during the upcoming Olympic Games in Tokyo.
“With its developed countries at the forefront of 5G technology and Industry 4.0 and its emerging economies with hyper-online and highly mobile and young population, Asia Pacific is definitely at the centre of the new technologies and trends that will define the new decade. These truths combined with the geopolitical structure of the region will definitely shape its landscape in the region,” commented Stephan Neumeier, managing director for Asia Pacific at Kaspersky.
The full list of Kaspersky Threat Predictions for 2020 is available on Securelist.com. This list of predictions is a part of Kaspersky Security Bulletin (KSB) – annual series predictions and analytical articles on key changes in the world of cybersecurity. Follow this link to look at other KSB pieces.