Thailand recorded the second-highest number of targeted ransomware attacks in Southeast Asia and hackers are expected to increase their extortion and inflict greater damage on financial and reputational victims with Ransomware 3.0, says Russia-based cybersecurity firm Kaspersky.
"Thailand was No.2 in terms of ransomware incidents blocked by Kaspersky in Southeast Asia. Businesses should be more vigilant against this threat," said Benjamas Chuthapiphat, territory manager for Thailand at Kaspersky.
According to the company's data, a total of 304,904 ransomware attacks against businesses in the region were blocked by Kaspersky's business solutions last year.
Indonesia recorded the highest number of incidents with 131,779 attacks, followed by Thailand at 82,438 and Vietnam at 57,389.
The Philippines logged a total of 21,076 ransomware attacks; Malaysia had 11,750 and Singapore had 472.
Ransomware is a type of malware that locks the victim's computer and mobile devices, or encrypts their electronic files. To receive the "decryption" key to get data back, a ransom is required by the cybercriminals behind the attack.
High-impact incidents include the "Wannacry" Ransomware, which caused an estimated US$4 billion in damage.
Ransomware has been evolving since 2020, according to Kaspersky. For Ransomware 2.0, hackers were more targeted and changed from encrypting data in Ransomware 1.0 to publishing confidential information online. Hackers also provide "ransomware-as-a-service".
Hackers are shifting to Ransomware 3.0 to increase extortion and inflict wider damage on the finances and reputation of companies.
"The rise of targeted ransomware groups who added another extortion mode -- either through reselling the data or files they have hacked, conducting distributed denial of service attacks against their victim or the victim's customers, or using the same data to conduct follow-up attacks like targeted phishing -- are dubbed Ransomware 3.0," said Ms Benjamas.
"Trojan-Ransom.Win32.Wanna and Trojan-Ransom.Win32.Gen are the two most common ransomware used to target businesses in Thailand."
A company survey found three out of five regional executives admitted they were victims of ransomware and 82% said they paid a ransom.
In addition, only 5% of enterprise leaders in the region confirmed they have internal incident response capabilities or a regular IT team or service provider to deal with ransomware attacks.
She said banks and the government sector are the top two cybersecurity spenders in Thailand.
Kaspersky Thailand aims for double-digit growth this year, similar to last year's performance.
Puttipong Ponglaksamana, presales manager at Kaspersky Thailand, said the cybersecurity trend will move to providing an extended detection and response platform, which provides multi-layer protection for enterprises.