Asia is top cyberattack target, as IBM unveils security hub

IBM has announced it will set up a cybersecurity hub in India, as it looks to arm organisations across Asia-Pacific with cyber resiliency.

This comes as Asia is revealed to be the number one most targeted region for cyberattacks, representing 26% of attacks in 2021, according to new IBM global analysis.

Asia overtakes Europe and North America as most targeted region for cyberattacks

Data from IBM’s just-released 2022 X-Force Threat Intelligence Index shows a significant shift compared to the past decade of the report, where North America and Europe have historically ranked as the most targeted.

Experiencing more than 1 in 4 (26%) attacks that IBM observed globally in 2021, Asia saw more cyberattacks than any other region in the past year.

Financial services and manufacturing organisations together experienced nearly 60% of attacks in Asia, while Japan, Australia and India were the most attacked countries across the region.

This trend towards APAC as a target signals a growing need for security investments amongst Asian organisations, particularly those in financial services and manufacturing, which were the most-targeted industries in the region.

IBM launch of first-of-its-kind regional cybersecurity centre

To help businesses across the region prepare for and manage this growing threat, IBM is making a multi-million-dollar investment in its resources and setting up a first-of-its-kind regional cybersecurity centre.

“Preparing for a cyberattack is like fire-drill training,” explains Chris Hockings, IBM Security CTO for Asia Pacific. “Everyone from executives through to contractors need to understand their own role in an emergency and reinforce the crucial response steps through practice.”

Located in the world’s fastest-growing mature tech ecosystem, Bengaluru in India, within the IBM offices, the new cybersecurity hub will include two centres, designed to help address the most pressing need of the hour for organisations of all types, to accelerate their security strategies and align business priorities with a security-first approach.

The IBM Security Command Center will provide a training ground for cybersecurity response techniques through highly realistic, simulated cyberattacks, designed to prepare everyone from the C-Suite through technical staff. Industry-leading audio and visual effects – as well as live malware, ransomware and other real-world hacker tools – will be leveraged, with customised experiences and workshops tailored to organisations’ unique security requirements and objectives.

“The new IBM Security Command Center is the first in Asia Pacific enabled to train the entire business in the art of response to a cyberattack event, further enhanced by the real-time experience of our security experts based in the adjoining global Security Operations Center,” says Hockings. “With Asia Pacific's enormous growth, diversity, and role in global supply chain, these capabilities can be a real game-changer for helping customers face growing threats in the region."

The Security Operation Center is part of the tech giant’s vast network of existing global SOCs, and the second IBM SOC in Bengaluru. With capacity for 600 security response operators, it is set to provide 24/7 security response services to clients internationally. Leveraging AI, ML and automation, it brings together human expertise and advanced technologies to help respond with speed, efficiency and transparency.

The hub will also include IBM Managed Security Services, access to IBM’s team of incident response experts, as well as IBM Consulting, IBM Research, IBM India Software Labs, and IBM Garage, a collaborative approach designed to fast-track innovation and drive meaningful, lasting transformation for clients.

Makeup of cyberattacks in Asia-Pacific in 2021

IBM’s annual X-Force report revealed server access attacks (20%) and ransomware (11%) to be the top two attack types on Asian organisations in 2021, followed closely by data theft (10%). The high percentage of server access attacks in Asia suggests that Asian organisations are adept at identifying attacks quickly before they escalate into more concerning attack types. Remote access trojans and adware tied for fourth place at 9% of attacks.

In terms of ransomware groups, REvil made up 33% of ransomware attacks analysed, and Bitlocker, Nefilim, MedusaLocker and RagnarLocker were significant players too.

When it comes to initial infection methods, vulnerability exploitation and phishing were most to blame at Asian organisations, while brute force and use of stolen credentials were occasionally employed.

Finance and insurance organisations were attacked most frequently across APAC in 2021, making up 30% of the incidents tracked, followed closely by manufacturing (29%) and then more distantly by professional and business services (13%) and transportation (10%).

When it comes to country split, Japan, Australia and India were the most-attacked countries in Asia, with a flurry of attacks on Japan, in particular, potentially related to the Summer Olympics Games held in Tokyo in 2021, appearing to have contributed to this trend.

Read the IBM 2022 X-Force Threat Intelligence Index