Viettel Cyber Security: How Philippine Companies Can Prepare for the Rising Ransomware Threat

 
In 2023, businesses in the Philippines were rocked when a company fell victim to the devastating Medusa ransomware. Several months later, an executive department of the Philippine government online systems were temporarily taken offline due to a ransomware attack. Those are just 2 out of hundreds of Ransomware attacks on businesses in the Philippines recently.
Ransomware incidents have become increasingly rampant and aggressive, not only in the Philippines but also in the surrounding region.
Notable Statistics on Ransomware
In the first half of 2024, data encrypted in Ransomware attacks across Southeast Asia reached over 7 Terabytes, with an estimated total ransom amounting to 13 million USD.
“Ransomware attack groups are now operating globally with annual revenues potentially reaching hundreds of millions, even over 1 billion USD” – Mr. Quang Tran Minh, Director of Intelligence Center, Viettel Cyber Security said.
Anyone Can Trigger An Ransomware Attack
Viettel Threat Intelligence has issued a serious warning about the increasing threat of ransomware attacks targeting organizations and businesses across the Philippines.
These attacks involve encrypting sensitive data and virtual infrastructure, causing severe disruptions and significant financial losses, leaving many businesses and organizations unprepared. Attackers escalate initial access to penetrate deeper into the system and then execute data encryption.
On average, it takes 21 days to detect a cyberattack, followed by 12 hours to control the damage, six hours to investigate, and another 12 hours to remediate.
Attackers can remain in the system for a long time, up to 6 months to a year, becoming very familiar with the organization’s behavior, waiting for the right moment to execute encryption, leading to devastating consequences.
“Ransomware combined with targeted APT attacks has become a highly profitable business model, called Ransomware-as-a-service or RAAS, allowing anyone with money and malicious intent to carry out ransomware attacks.”
How Can Businesses Proactively Prevent and Mitigate the Impact of Ransomware?
According to recent researches of Viettel Cyber Security experts, privileged accounts are the shortest path and also the first target of attackers to exploit enterprise infrastructure. Allowing the display of information for remote connection services such as VPN, RDP through default ports or on websites, and unrestricted device usage are among the common mistakes made by enterprises, and your business may also be making.
Is your business ready before Ransomware attack?
Download the Ransomware Guideline here to read full information to protect your business from increasingly sophisticated and unpredictable ransomware attacks.

Recommendations from VCS for preventing and responding to ransomware encryption attacks: Common mistakes made by businesses and expert recommendations.
Scenario of ransomware data encryption attacks.
Frequently asked questions.

Cybersecurity is an ongoing battle between attackers and defenders in both knowledge and technology. We are ready to advise and accompany enterprises in their journey to combat cybercrime and promote the secure development of businesses.
Download the Ransomware Guideline document for fundamental and comprehensive knowledge about the most dangerous form of cybercrime today.
Download here
Disclaimer:
This guideline serves the sole purpose of sharing technical information with the information security community and business organizations to raise awareness about information security and to have plans to prevent issues related to network information security risks. Any other allegations regarding the content of this report are not in line with our publishing purpose. The report uses some information gathered during the service provision for customers of Viettel Cyber Security (VCS).
The post Viettel Cyber Security: How Philippine Companies Can Prepare for the Rising Ransomware Threat appeared first on HIPTHER Alerts.