Ransomware attacks, a growing threat that needs to be countered

Bangkok - The United Nations Office on Drugs and Crime (UNODC) delivered a practical regional training on ransomware investigations to law enforcement officers, computer security incident response teams, and prosecutors from Malaysia, the Philippines and Thailand.



The increased digitalization of society, compounded by the COVID-19 outbreak, has contributed to a recent 600% rise in cybercrimes in Southeast Asia. Within this rise, ransomware has skyrocketed to become the most prominent malware threat.



Ransomware is a malicious software that, once gaining access and being installed on your device, will encrypt all the data and require a ransom to be paid to return access to the data. Unfortunately, paying the ransom does not in any way guarantee access will be granted to the data. Experts estimate that ransomware attacks will globally occur every 11 seconds, resulting in total damage costs of US$ 20 billion in 2021.



These trends are being driven by an increase in the number of available targets, as well as the perception of cybercrime as highly profitable with a relatively low risk of detection. The criminals target not only the individuals, but increasingly focus on critical national infrastructure and business of all sizes in both the private and public sectors.



The significant threat of ransomware, known to disrupt essential services such as (public) healthcare, schools/colleges, finance, insurance, government functions and critical infrastructure, has become a serious global concern and a matter of national security for numerous countries around the world.

In September 2021, a Malaysian web-hosting service was the target of a ransomware attack demanding US$ 900,000 in cryptocurrency. In May 2021, four subsidiaries of an international insurance company in Thailand, Malaysia, Hong Kong and the Philippines were hit by a ransomware attack asking for US$ 20 million. Similar attacks also took place last September in Thailand, where computer systems and data of several hospitals, companies and organizations were encrypted and blocked.



As a response to this significant and rising threat, the training developed by UNODC focused on strengthening Member States’ ability to effectively investigate and prosecute ransomware and other financially-motivated cybercrimes, including cryptocurrency-enabled crime. Improved information sharing among jurisdictions to foster public-private partnerships was also addressed.



“Ransomware attacks have skyrocketed in the past years, increasingly targeting critical national infrastructures, disrupting business processes, and compromising vital data that they require to function. There needs to be a collaborative and coherent response to these threats, and UNODC has been working closely with Member States to strengthen their national and cross-border operational capacity to respond to ransomware”, said Mr. Alexandru Caciuloiu, UNODC Cybercrime and Cryptocurrency Advisor for Southeast Asia and the Pacific.



The training was funded by the Government of Japan. In addition to this course, UNODC will offer a follow-up regional training course later this year.



Click here to read more about the UNODC Darknet Cybercrime Threats to Southeast Asia report.

Click here to read more about Cybercrime and COVID-19 in Southeast Asia: an evolving picture.

Original article published on UNODC Southeast Asia and Pacific.