Connect with us

Hi, what are you looking for?


Kaspersky Zeroes In On Ransomware Evolution In National CISO Conference 2022 By NACSA


Kaspersky, the global cybersecurity and digital privacy company said that the ransomware groups targeting organizations in Malaysia are constantly improving their skills and sharpening their techniques.

Speaking at the National CISO Conference 2022, an event organized by the National Cyber Security Agency (NACSA) of Malaysia, Kaspersky highlighted the global and local threat landscape zeroing in on ransomware, especially the notorious group REvil. 

Genie Gan, Kaspersky’s Head of Public Affairs and Government Relations for the Asia Pacific (APAC) & Middle East, Turkey, and Africa (META), shared that REvil initially distributed itself through an Oracle Weblogic vulnerability and carried out attacks on managed service providers (MSP). 

From there, Kaspersky experts have discovered that REvil also exploits the CVE-2018-8453 vulnerability to elevate privileges in Windows and uses legitimate processor functions to avoid detection by security solutions. REvil is still actively attacking its victims globally including those in Malaysia. 

“The creators of REvil ransomware have a network of carefully chosen affiliates who distribute the Trojan and share a portion of the extorted money. This notorious group targets most sectors with its top three victims coming from the engineering and manufacturing industry (30%), followed by finance (14%) and professional and consumer services (9%). As we can see that groups such as REvil focus on financial rewards, it will remain a serious threat to corporations and organizations globally and in Malaysia,” adds Gan. 

Aside from active ransomware groups, Gan also shared with the conference attendees – comprised of ICT security officers from public sectors, and chief information security officers (CISO) from both public and private sectors – the level of awareness among the C-level executives in Malaysia towards this threat.

A survey conducted by Kaspersky revealed that the majority (94%) of senior non-IT managers (such as CEOs, VP, and Director level) and business owners or partners in Malaysia are aware of ransomware families such as Wannacry, REvil, Conti, Lockbit, NotPetya and more. Seven in 10 (74%) of them expect a ransomware attack against their businesses.

Their expectations appeared to be valid as two in three (74%) of C-suite surveyed from Malaysia admitted that they have been attacked by ransomware before. Out of which, 40% said they have faced one incident while 34% said they have been attacked several times. 

The majority of those attacked (83.8%) paid ransom to decrypt their data.

In addition, only 4% of the executives surveyed have third-party incident response providers, and none of them has incident response capabilities internally.

“Clearly, enterprises and organizations in Malaysia know the damage that can be caused by ransomware attacks but lacks the necessary technologies to respond and recover after an incident. A holistic approach is needed to fill this gap. The Malaysian government continues to conduct concrete steps and we encourage all sectors to work together in building the country’s cyber capacity cooperation efforts because these two are basically the building blocks of a cyber-resilient economy,” adds Gan.

Fort their part, Kaspersky co-founded the global project called “No More Ransom Initiative” which has grown from four partners to 188 and has contributed 136 decryption tools covering 165 ransomware families.

Since its launch in 2016, it has helped more than 1.5 million people decrypt their devices all over the world. Nearly 30,000 ransomware victims from July last year to June end of 2022 in SEA were also able to retrieve their data through this project.

To help enterprises and organizations defend their systems against the evolving threat of ransomware, Kaspersky provides the following steps: 

You May Also Like


Cybercriminals are so dangerous. As hybrid and remote work continue to be the norm in Southeast Asia (SEA), Kaspersky has foiled here over 47M...


Digital transformation, that’s been boosted by the pandemic, has reached an unprecedented scale, with IDC expecting its global spending to reach $2.8 trillion within...


Cyberattacks can be prevented before an attacker is inside the internal network. Threat monitoring allows organisations to take action and properly neutralise a threat...


New data from Kaspersky shows that Malaysian children are big consumer of video content.  As of 1 March, this year, YouTube app on Android...


Copyright © 2021 Siakap Keli Sdn. Bhd.