Endpoint security provider Kaspersky Lab last week announced to extend its offerings in Hong Kong, providing anti-target attack platform and security intelligence services. These offerings are responding to the rising cybersecurity incidences in 2016 around ransomware and advanced persistent attacks (APTs), according to Vyacheslav Zakorzhevsky, Kaspersky Lab’s head of anti-malware team.
At his recent visit to Hong Kong, Zakorzhevsky noted the number of ransomware attacks increased by 11 fold in 2016. He added that 62 new ransomware families were identified during the period. Although law enforcement agencies do not encourage victim to pay the criminals, many still paid and one-fifth of those who paid were not able to retrieve the data.
In response to the surge of ransomware attacks, Kaspersky Lab together with the Europol’s European Cybercrime Center, Netherland’s police and Intel Security formed the No More Ransom initiative last year. The initiative aims to help victims of ransomware to retrieve their encrypted data without having to pay the criminals. Zakorzhevsky noted that the initiative also worked with the police force in Singapore and China to help ransomware victims. He added that since the initiative was launched in July 2016, the group has solved 10,000 cases.
Another major global cybersecurity trend is the rising of APTs. One of these targeted attacks was using CVE-2015-2545, vulnerability found in Microsoft Office. The attacks were found active in South East Asia last year and raised concerns about attacks from obsolete software, said Zakorzhevsky.
He added that other APTs in 2016 targeted financial institutions. These attacks include using Metel, a banking Trojan to withdraw cash from ATMs. The Lazarus attack also penetrated into the SWIFT banking network, allowing cybercriminals to conduct unauthorized funds transfer.
Aiming to help Hong Kong enterprises to prevent from these attacks, Kaspersky Lab is extending its non-endpoint offerings. One of them is the Anti Targeted Attack Platform. It aims to enable businesses detect targeted attacks and other malicious actions through careful monitoring of network activity, web and e-mail.
“This allows the company to detect complex attacks at any stage, even when no malicious activity is taking place,” said Erick Kwok, general manager of Lapcom, the distributor of Kaspersky Lab in Hong Kong.
Another major offering is the security intelligence services, which covers three main areas: security assessment; cybersecurity training; and threat intelligence and investigation services.
Kwok noted that the latest addition of this service in Hong Kong is the three-level cybersecurity training service. The first level provides cybersecurity fundamentals, followed by the intermediate and advance level training that covers digital forensics, malware analysis and reverse engineering training.
To prevent attacks targeted at ATMs and point of sale (POS) terminals, Kaspersky Lab’s new offerings in Hong Kong extend security for embedded systems.
“The difficulties of protecting ATMs and POS terminals are these machines are always geographically scattered, low performance with no or slow network connection,” said Kwok. “Kaspersky Embedded Systems Security brings centralized reporting and management.”
He noted the offerings aim to protect machines from cyberthreats that are initiated either through remote attacks or on-site compromise of the system via USB sticks. Kwok added that the Default Deny mode also blocks attempts to run any unauthorized executable code or drivers on ATMs and PoS terminals.
“Hong Kong’s cyber landscape has witnessed a number of advanced cyberattacks in the past years, making it one of the most targeted countries in Asia. This is why the vendor is announcing the release of these offerings in Hong Kong,” said Kwok.