In March this year, the world woke up to a crypto heist, a coordinated cyberattack on the popular play-to-earn non-fungible token (NFT)-based game Axie Infinity, where attackers pocketed over $600 million from the game.
The reason? Human error. The perpetrator? North Korea. The lesson: even the complicated, relatively “safer” realm of blockchains, sidechains, and cryptocurrencies are vulnerable to cybercrime. And as they become more and more mainstream, we will hear of more such heists and frauds.
There already is a growing trend. According to an IBM report, ransomware was a top threat in 2021, and 26% of global attacks targeted Asia, the most attacked geography of 2021. In 2020, malware and ransomware use shot up by 358% and 435%, respectively, compared to the previous year, as per a study by Deep Instinct. The data is sufficiently alarming, and it is crucial to understand the reasons behind these trends.
More internet users increased the threat surface
The Covid-19 pandemic, apart from being one of the most socio-economically challenging events globally, has also been the reason for many countries and businesses to go digital or adopt some form of online transactions. That has meant more of people’s everyday lives moving online, and as a result, increased the possibility of cyberattacks.
Around 4.9 billion people, or 63% of the world’s population, were online in 2021, according to data from the International Telecommunication Union. Of these, 440 million were in ASEAN countries.
|Percentage of population online
Source: Global Digital Overview 2020
One of the beneficiaries of this rising internet penetration has been the rise of e-commerce. The value of ASEAN’s e‑commerce rose nearly six times, from $9.5 billion in 2016 to $54.2 billion in 2020. Helped by the increase in the online population, the e-commerce sector is set to grow at an annualised rate of 22% and reach $146 billion by 2025.
Indonesia, the Philippines, and Malaysia are the countries that have seen the maximum expansion of e-commerce during and post the pandemic.
When people go online to buy things, they inevitably leave personal information with the online business, whether it is their personal details, address, phone numbers, credit card information, and even health-related information.
All these are of great value to cybercriminals who can either sell the datasets for money or use individual financial details to steal money through cyber fraud.
In May 2020, three Indonesian e-commerce platforms reportedly suffered data breaches that exposed the details of their customers, which were then sold on the dark web. One of these was the breach at Indonesia’s largest e-commerce platform Tokopedia, which affected 91 million users. The Philippines accounted for 2.49% of global suspected fraudulent e-commerce transactions. Malaysia also reported a significant rise in reported e-commerce fraud cases last year, amounting to a loss of over RM 57 million (around $13 million).
Add to this mix these newer technologies built on blockchains, from cryptocurrencies to NFTs, decentralised finance to real estate sales. Even though a relatively small number of people use these technologies, many high-value transactions and investments are being put into these systems, making them fertile ground for heists like what happened at Axie Infinity.
Cybercrime related to cryptocurrencies is also on the rise. A lot of activity and understanding of the crypto ecosystem occurs on social media platforms. NFTs are one of the hottest adoption trends across industries, and the scams are already beginning to make headlines.
Evolving cyber crimes and frauds
Interpol’s ASEAN Cyberthreat Assessment Report 2021 notes how different kinds of cyber crimes have evolved since the pandemic began in 2020.
Common cyber-crimes by country
|Common cyber crimes/frauds in 2020
|Recruitment scams through social media platforms
|Online scams, identity theft
|Online fraud (Macau Scam)
Source: Interpol ASEAN Cyber Threat Assessment Report 2021
Though research after research points to the fact that the Asia Pacific region is experiencing increasing cyber attacks, there is little to no uniform data available exclusively for the ASEAN region.
A common thread among all cybercrimes, though, is the human element. Cybercriminals realise that internet users are now more aware and careful about giving out their personal information or trusting sources. So they have figured out complex social engineering methods to make people believe they are receiving information from trusted sources.
Simply put, cybercriminals manipulate people into divulging their personal information. The methods used are so believable they’ve made large corporations like Toyota lose millions of dollars.
And personalisation in cybercrime is growing, making online scams targeted at individuals extremely common.
Group-IB estimates that online scams have become the main type of online crime, accounting for as much as 74.5% of all cybercrime in the first half of 2021. More than half (57%) of all cybercrimes in H1 2021 were scams (a type of fraud in which victims voluntarily make payments or disclose their data), while phishing (theft of bank card data) accounted for just 17.5%.
Social engineering is the most common method used for business email compromise (BEC), identified by Interpol as the most prevalent type of cybercrime in ASEAN.
BEC leads to “businesses suffering major losses, as it is a high-return investment at a low cost and risk…cybercriminals behind BEC are becoming more sophisticated, technically proficient, and able to leverage different types of tools to achieve their aims,” Interpol notes in the report.
Another category of social engineering attacks is Covid-19-related phishing attacks.
Phishing is, simply put, the fraudulent practice of sending emails pretending to be from reputable companies or trusted sources in order to make people believe enough to reveal personal information, such as passwords and credit card numbers.
Covid-19 related phishing attacks rose 220% in 2020, according to F5 Labs Phishing and Fraud Report. It identified three primary objectives for such phishing — fraudulent donations to fake charities, credential harvesting, and malware delivery.
These attacks still continue to happen globally, and across ASEAN member nations.
Ransomware continues to be a big issue that has been causing corporations and countries to lose money. According to the Interpol report and data from Kaspersky, the ASEAN region saw about 2.7 million ransomware detections in the first three quarters of 2020. Indonesia suffered the most with 1.3 million ransomware detections, accounting for almost half of the entire detections in the region.
Within ransomware, IBM notes a “concerning new trend” called triple extortion. Cybercriminals encrypt and steal data and also threaten to engage in a distributed denial of service (DDoS) attack against the affected organisation.
Ransomware gangs are also looking at their primary victim’s extended business partners to pressure them into paying a ransom, by threatening to expose their data or cause disruptions to their businesses, IBM further added.
With everything commoditised, the world of cybercrime is also catching on to the trend of providing crimeware-as-a-service (CaaS).
This report puts it succinctly: “CaaS has decreased the barrier of entry for new, less savvy threat actors, and now represents an optimum choice for advanced attackers that want to conduct hit-and-run operations. The Crimeware-as-a-Service model makes it difficult to attribute the crime to a particular individual because the means and the infrastructure are shared among multiple bad actors”.
CaaS providers often work in the underground market and provide everything from spyware, phishing kits, browser hijackers, keyloggers, and more.
Cryptojacking is a cybercrime that involves the unauthorised use of people’s devices (computers, smartphones, tablets, or even servers) by cybercriminals to mine for cryptocurrency, explains Kaspersky.
Even though cryptocurrencies are volatile, their high valuations are a draw for cybercriminals, and crypto-jacking is another kind of cyber fraud that is on the rise. Google’s 2021 Threat Horizon Report found that 86% of the compromised Google Cloud instances were used to perform cryptocurrency mining.
Another area of concern for cyber fraud, flagged by Interpol in its report is e-commerce data interception. Cybercriminals install different kinds of malware, or malicious software, to collect customers’ personal and financial information with ease, and the fast-evolving functionalities on e-commerce platforms make it more challenging to detect and investigate.
Asia among the most impacted
As our lives continue to move and remain online, it is going to be increasingly difficult to avoid cybercrime. The CyberEdge Group 2021 Cyberthreat Defense Report found that 86.2% of surveyed organisations were affected by a successful cyberattack.
In Asia, given the relatively new switch to online transactions and interactions, the two most common cyberattack tactics are virus or malware outbreaks and employee errors.
According to Group-IB’s Hi-tech Crime Trends Report (requires download), the regions most often targeted by scams are Europe (36.2%), Africa (24.2%), and Asia (23.1%). Among countries, India (42%), Thailand (7%), and Indonesia (4%) top the list.
Group-IB, which helped block over 14,000 phishing resources between H1 2020 and H1 2021, ran into a unique problem that prevented some of these phishing attacks from getting fixed.
“There is a language barrier when dealing with countries where English is not widely spoken, as is often the case with registrars and hosting providers in Asia and Africa. The fact that they do not speak English often means that a complaint is not handled at all. For example, an operator can simply hang up the phone if they don’t speak English,” the report said.
Going forward, it is going to be critical for countries to educate the masses about the risks of being online. Cybercriminals and frauds are only going to increase, but that should not stop people from accessing the vast resource that is the internet.
While large technology firms often bring out these explainers on good cyber hygiene, and governments are making their own efforts, individual awareness and understanding will go a long way in ensuring you stay safe and not fall prey to malicious actors online.