More than 4 million domestic businesses suffered password breaches through bruteforce, global cybersecurity and digital privacy company Kaspersky reported on Tuesday.
Bruteforce is a method for guessing a password or an encryption key that involves systematically trying all possible combinations of characters until a correct one is found. A successful attempt allows an attacker to obtain valid user credentials.
RDP, or Remote Desktop Protocol, is Microsoft’s proprietary protocol that enables a user to connect to another unit through a network of Windows computers.
Kaspersky said breaking passwords continues to be a trusted tool by cybercriminals to try to infiltrate firms in Southeast Asia.
Topping bruteforce attacks in SEA were Vietnam, with more than 19 million reported attacks; Indonesia, with more than 14 million attacks; Thailand, with more than 7 million; Singapore, with 4.2 million; the Philippines, with 4.1 reports; and Malaysia, with 3.1 million.
From January to December 2024, Kaspersky solutions used by local businesses detected and blocked more than 53 million bruteforce attacks.
When devices are outside the company’s local network, away from the protection of the information technology (IT) department, confidential information has a high potential for theft or loss due to carelessness.
“Daily, we look at more than 145,000 attempts to break enterprises and SMBs’ passwords and encryptions in SEA. That’s a lot given the region’s cybersecurity staff shortage,” comments Adrian Hia, managing director for Asia Pacific at Kaspersky.
“With better Artificial Intelligence (AI) services at play, cybercriminals now have a reliable assistant to guess passwords and break encryptions faster. Once thriving, a bruteforce attack allows an attacker to access the targeted host computer remotely.”