CloudSEK's South-East Asia Annual Threat Landscape Report 2024 highlights the growing sophistication of cyber threats in the region. The report identifies 45 active threat actors engaged in selling stolen data and unauthorized access credentials on dark web forums like BreachForums, CabyForum, and XSS. The Banking & Finance, Retail, and Government sectors faced the highest number of attacks, with Indonesia and the Philippines being the most targeted countries.

Ransomware incidents surged, with LockBit 3.0, RansomHub, and KillSec leading attacks on IT, Financial Services, and Industrial Engineering industries. Threat actors employed advanced extortion tactics, including data encryption, theft, and service disruptions. Dark web activity remained high, with BreachForums standing out due to its credibility and strict vetting of leaked data.

Exploited vulnerabilities ranged from Remote Desktop Protocol (RDP) weaknesses to insecure enterprise software, with phishing and credential stuffing as common attack methods. The report emphasizes the urgency for organizations to implement robust cybersecurity measures, including timely patching, zero-trust security frameworks, and enhanced incident response strategies.

As cybercriminals continue to weaponize vulnerabilities, collaboration between the public and private sectors becomes crucial in mitigating emerging threats. The report serves as a crucial resource for security professionals to understand and defend against the evolving cyber landscape in South-East Asia.

‍