Businesses hit by 1.8-M cyber viruses — Kaspersky

A global cybersecurity and digital privacy firm, Kaspersky, reported on Tuesday that the number of businesses experiencing on-device cyberattacks reached 1.8 million last year.

According to the report, 1.8 million businesses in the Philippines suffered on-device cyberthreats last year, third among the ASEAN region.

Indonesia topped the list with 16 million on-device cyber threat reports, followed by Malaysia at 4 million and Singapore in fifth place with 900,000 reports.

Moreover, Kaspersky said as businesses increasingly focus on securing their online networks, a lesser-known but equally dangerous threat is gaining traction: attacks via various “offline” methods, such as USB drives and removable media.

In 2024 alone, Kaspersky detected and prevented nearly 50 million on-device malware attacks targeting businesses in Southeast Asia (SEA).

The staggering figure underscores the urgent need for organizations to strengthen their defenses against attacks originating from USB drives and removable media.

On-device threats spread by offline methods involve the use of physical devices, such as USB drives, external hard drives, or other removable media, to deliver malicious software to a target system.

Unlike traditional cyberattacks that rely on internet connectivity, these attacks exploit the trust users place in physical devices.

Malice infused

“Towards the end of 2024, our experts uncovered a concerning case where a secure USB drive, developed by a government entity in Southeast Asia for securely storing and transferring files in sensitive environments, was compromised.

Malicious code had been injected into its access management software, enabling it to steal confidential files from the drive’s secure partition. Additionally, the code acted as a USB worm, spreading the infection to other drives of the same type, highlighting the sophisticated nature of this threat,” explains Yeo Siang Tiong, general manager for Southeast Asia at Kaspersky.