Kaspersky has unveiled its Kaspersky Extended Detection and Response (XDR) platform which aims to mitigate the costly threat of targeted ransomware for businesses in Malaysia.
The launch event, held at Le Meridien Hotel, Kuala Lumpur on Feb 16, 2023, kept attendees engaged with sessions on the Kaspersky XDR platform as well as updates on ransomware in Malaysia and Southeast Asia.
The new security technology platform provides multi-layer protection for enterprises, in the form of solutions and cybersecurity experts’ services, by consolidating multiple security tools into a coherent, unified security incident detection and response platform.
“Malicious actors, like Lockbit ransomware group, invest considerable time in up-front intelligence gathering to determine who they will target, how they will target them, and the optimal timing of their attack. This level of pre-planning makes attacks more sophisticated and therefore harder to catch.
“Combine this with their double and now the emerging triple-extortion models, modern targeted ransomware groups are set to disrupt more enterprises in SEA if we are not equipped enough to nip them in the bud,” said Kaspersky Southeast Asia general manager Yeo Siang Tiong at the launch of the Kaspersky XDR platform.
The latest data from Kaspersky shows that Lockbit is the most prolific targeted ransomware in Southeast Asia (SEA), having attacked 115 unique businesses in the region. These enterprises are users of Kaspersky’s B2B solutions; hence these incidents were foiled.
The Lockbit ransomware group, which is also a ransomware-as-a-service provider, has successfully victimized major companies globally and in SEA, including a major IT service provider (a ransom of $50 million was allegedly demanded), a private school in Malaysia, and a food manufacturer in Singapore.
The ransomware created by this notorious group is regularly updated and is now at its Lockbit 3.0 version. It is used for highly targeted attacks against enterprises and other organizations.
“To help the overwhelmed and undermanned enterprise security teams, we consolidated our multiple security tools into a coherent, unified security incident detection and response platform – our Kaspersky Extended Detection and Response (XDR). This new platform provides multi-layer protection for enterprises, as well as threat hunting capabilities for their existing Security Operations Center (SOC),” added Yeo.
According to Kaspersky, there was an almost two-fold (181%) increase in ransomware attacks last year, which translates to 9,500 encrypting files per day globally.
The criminals behind these attacks continue to sharpen their tactics and tools to earn more money.
In 2020, Kaspersky sounded the alarm about Ransomware 2.0, attacks that employ a “pressure tactic” to demand a higher ransom and to increase the reputational impact of an attack.
Two years later, targeted ransomware groups added another extortion mode – such as reselling the data or files they have hacked, conducting DDoS attacks against their victim or the victim’s customers, or using the same data to conduct follow-up attacks, like targeted phishing. These attacks are dubbed Ransomware 3.0.
Kaspersky claims its XDR platform is adaptable for businesses of all shapes and sizes. This simple-to-use platform is also enriched with trustworthy threat intelligence data from KSN (Kaspersky Security Network) for better detection capabilities.
Some of the key benefits of the Kaspersky XDR platform for enterprises include:
- Consolidating a large volume of alerts into a much smaller number of incidents that can be prioritized for manual investigation
- Providing integrated incident response options that provide sufficient context so that alerts can be resolved quickly
- Providing response options that extend beyond infrastructure control points, including network, cloud, and endpoints, to deliver comprehensive protection
- Automating repetitive tasks to improve productivity
- Providing a common management and workflow experience across security components, creating greater efficiency
The Kaspersky products and services that form its XDR are Kaspersky EDR Optimum, Kaspersky EDR Expert, Kaspersky Anti-Targeted Attack Platform, Kaspersky Managed Detection and Response, and Kaspersky Incident Response.