Kaspersky recently unveiled its Kaspersky Extended Detection and Response (XDR) platform which aims to mitigate the costly threat of targeted ransomware for businesses in Malaysia.
Ransomware – the malware that locks a device or files – continues to evolve in quality and quantity. Last year, the global cybersecurity company noted the almost two-fold (181%) increase in ransomware encountered daily, which translates to 9,500 encrypting files per day globally.
The malicious actors behind these attacks also continue to sharpen their tactics and tools to earn more. Back in 2020, Kaspersky sounded the alarm against Ransomware 2.0. These attacks are highly targeted and employ “pressure tactics” to ask for higher ransom and to increase the reputational impact of an attack.
Two years after, we see the rise of targeted ransomware groups who added another extortion mode – either through reselling the data or files they have hacked, conducting DDoS attacks against their victim or the victim’s customers, or using the same data to conduct follow-up attacks like targeted phishing. They are dubbed as Ransomware 3.0.
For Southeast Asia (SEA), the latest data from Kaspersky revealed Lockbit is the most prolific targeted ransomware which attacked 115 unique businesses in the region. These enterprises are users of Kaspersky’s B2B solutions; hence these incidents were foiled.
Lockbit ransomware group, which is also a ransomware-as-a-service provider, have successfully victimized major companies globally and in SEA including a major IT Service Provider – allegedly $50 million was asked as the ransom, a private school in Malaysia, and a food manufacturer in Singapore.
The ransomware created by this notorious group is used for highly targeted attacks against enterprises and other organizations and is regularly updated, now on its Lockbit 3.0 version.
“Malicious actors, like Lockbit ransomware group, invest considerable time in up-front intelligence gathering to determine who they will target, how they will target them, and the optimal timing of their attack. This level of pre-planning makes attacks more sophisticated and therefore harder to catch. Combine this with their double and now the emerging triple-extortion models, modern targeted ransomware groups are set to disrupt more enterprises in SEA if we are not equipped enough to nip them on the bud,” warns Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.
“To help the overwhelmed and undermanned enterprise security teams, we consolidated our multiple security tools into a coherent, unified security incident detection and response platform – our Kaspersky Extended Detection and Response (XDR). This new platform provides multi-layer protection for enterprises, as well as threat hunting capabilities for their existing Security Operations Center (SOC),” adds Yeo.
Kaspersky’s XDR promises adaptability for organizations of all shapes and sizes. This simple-to-use platform is also enriched with trustworthy threat intelligence data from KSN (Kaspersky Security Network) for better detection capabilities.
It is a multi-layered security technology platform in the form of solutions and cybersecurity experts’ services and uses a proactive approach of coordinating siloed security tools into a coherent, unified security threat detection and response platform.
The many benefits of Kaspersky XDR for enterprises here also include:
- Consolidating a large volume of alerts into a much smaller number of incidents that can be prioritized for manual investigation
- Providing integrated incident response options that provide sufficient context so that alerts can be resolved quickly
- Providing response options that extend beyond infrastructure control points, including network, cloud, and endpoints, to deliver comprehensive protection
- Automating repetitive tasks to improve productivity
- Providing a common management and workflow experience across security components, creating greater efficiency
The Kaspersky products and services that form its XDR are:
- Kaspersky EDR Optimum
- Kaspersky EDR Expert
- Kaspersky Anti-Targeted Attack Platform
- Kaspersky Managed Detection and Response
- Kaspersky Incident Response
Interested customers can find out more at go.kaspersky.com/expert or contact sea.sales@kaspersky.com.
