Ransomwares new frontier Extortion attacks evolve in Asia Pacific Intelligent CISO

pIntelligent CISOppCovering Security Across BordersppA new report from Akamai finds that ransomware attacks in the Asia Pacific region are growing in both sophistication and complexity The State of the Internet SOTI report delves into the tactics and techniques being used by attackers and the significant consequences for organisationsppAkamai Technologies the cybersecurity and cloud computing company that powers and protects business online has found that bad actors are using a new quadruple extortion tactic in ransomware campaigns while double extortion remains the most common approach ppWith ransomware accounting for more than half of the total data breaches in this region in 2024 Asia Pacific APAC enterprises must scrutinise and strengthen their cyber defenses to minimise vulnerabilities and ensure business resilienceppAccording to the new Akamai State of the Internet SOTI report Ransomware Report 2025 Building Resilience Amid a Volatile Threat Landscape the emerging trend of quadruple extortion includes DDoS Distributed Denial of Service attacks and pressuring third parties like customers partners or media to increase the pressure on the victim That builds on double extortion ransomware in which attackers simply encrypt a victims data and threaten to leak it publicly if the ransom is not paidppRansomware threats today are not just about encryption anymore said Steve Winterfeld Advisory CISO at Akamai Attackers are using stolen data public exposure and service outages to increase the pressure on victims These methods are turning cyberattacks into fullblown business crises and are forcing companies to rethink how they prepare and respondppHealthcare and legal sectors in APAC are in the crosshairsppMajor ransomware groups like LockBit BlackCatALPHV and CL0P remain dominant actors across the region though new entrants like Abyss Locker and Akira are rapidly rising These groups have targeted APACs critical sectors from healthcare to legal services with alarming precision Notable incidents include the Abyss Locker breach of 15TB of sensitive data from Australias Nursing Home Foundation and a US19 million extortion payout by a Singaporebased law firm following an Akira attackppHybrid ransomware activist groups are also gaining traction Using ransomwareasaservice RaaS platforms groups like RansomHub Play and Anubis are targeting APACbased small and mediumsized enterprises healthcare organisations and educational institutions One Australian in vitro fertilisation clinic and multiple medical practices were recently breached by these newer syndicatesppCompliance complexity Is a growing liabilityppIn APAC fragmented compliance and uneven regulatory maturity are fueling the evolving use of regulation extortion tactics by ransomware groups For example failure to comply with Singapores Personal Data Protection Act PDPA can result in fines of up to 10 of annual revenue India imposes potential criminal penalties while Japan currently has no formal financial penalties for noncompliance These inconsistencies leave multinational enterprises navigating a complex regulatory patchwork that can slow reporting efforts or worse create blind spots attackers are keen to exploitppZero Trust and resilience remain criticalppAkamai highlights the growing importance of Zero Trust and microsegmentation as essential defenses against modern ransomware tactics in the report For example a regional consulting firm in APAC used softwaredefined microsegmentation to enforce Zero Trust access controls reducing the internal attack surface and halting lateral movement before damage could spreadppAsiaPacifics digital economy is one of the fastest growing in the world largely due to its rapid pace of innovation said Reuben Koh Director of Security Technology and Strategy AsiaPacific Japan at Akamai However security teams are being challenged to keep up with a frequently expanding attack surface and Ransomware attacks tend to target those blind spots Organisations need to reassess their security posture and doubledown in their efforts to be more cyber resilient Adopting Zero Trust architectures that are centered around verified access and microsegmentation are a good way to minimise the impact of a ransomware attack Together with regular recovery drills and incident response simulations these will become core essentials in improving cyber resilience against attacks like ransomwareppAdditional global insights from the reportppRead the full report to learn moreppSignup to the newsletter and never miss out on the latest newspp
A Intelligent Global Media Brand
pp
Privacy Policy
ppBrowse our latest issueppView Magazine Archivep