Breaking passwords continues to be a favoured tactic among cybercriminals attempting to infiltrate firms in Southeast Asia (SEA), according to the latest findings by global cybersecurity company Kaspersky.
From January to December 2024, Kaspersky solutions used by businesses in the region detected and blocked over 53 million bruteforce attacks.
Bruteforce.Generic.RDP refers to a method of guessing a password or encryption key by systematically trying every possible combination of characters until the correct one is found. A successful bruteforce attack allows the attacker to obtain valid user credentials.
RDP, or Remote Desktop Protocol, is Microsoft’s proprietary protocol that enables a user to connect to another computer through a network of Windows-based machines. It is widely used by both system administrators and less-technical users to remotely control servers and personal computers – but it is also a popular tool among intruders attempting to access target machines housing sensitive corporate data.
Devices outside a company’s local network, away from the protection of its IT department, are particularly vulnerable. Confidential information is at significant risk of being stolen or lost through carelessness.
“On a daily basis, we are looking at more than 145,000 attempts to break enterprises’ and SMBs’ passwords and encryptions in Southeast Asia. That’s a lot, given the current shortage of cybersecurity staff in the region,” said Adrian Hia, Kaspersky’s managing director for Asia Pacific.
Indonesia and Malaysia recorded double-digit increases. Firms in Indonesia faced 14,662,615 RDP attacks last year – a 25 per cent increase from the 11,703,925 incidents in 2023. Malaysia saw a 14 per cent rise, with 3,198,767 bruteforce attacks in 2024 compared to 2,810,648 the year before.
“With better artificial intelligence services now in play, cybercriminals have a reliable assistant to guess passwords and break encryptions faster. Once successful, a bruteforce attack gives them remote access to the target computer. Imagine the damage a spy – or more – could cause from inside your systems.
“That’s why it is urgent for businesses in Southeast Asia to examine their IT posture and recalibrate their cybersecurity capabilities,” Hia added.
